Apple has resolved a critical vulnerability identified as CVE-2025-43300, which was exploited in a highly sophisticated attack targeting specific individuals. This vulnerability, an out-of-bounds write issue, could be triggered when a vulnerable device processes a malicious image file, leading to memory corruption. It affects the Image I/O framework utilized by Apple’s iOS and macOS operating systems. Apple has implemented improved bounds checking to address this flaw. Although the attacks were targeted, suggesting an aim to deliver spyware, all users are advised to update their devices promptly to ensure security.
How did Apple address the zero-day vulnerability exploited in a sophisticated attack?
