Apple has issued urgent security updates to counter a critical “Zero-Day” vulnerability, CVE-2025-43300, impacting iPhones, iPads, and Macs. This type of attack takes advantage of a software flaw without an existing fix, offering attackers a brief window to exploit it before a patch is available. Users are advised to update to the latest operating system, iOS 18.6.2, to mitigate this risk. The vulnerability is found in the Image I/O framework, crucial for image processing on Apple devices. Reports indicate the flaw may have been used in sophisticated attacks targeting specific individuals, potentially by an elite hacking group using images in emails or texts to exploit the issue. In a similar incident, Apple previously addressed a flaw in April that involved malicious media files causing memory corruption in iOS and macOS software.
Are iPhone users at risk of a ‘Zero-Day’ attack if they don’t update?
