Apple has issued urgent security updates for iPhones, iPads, and Macs to address a critical zero-day vulnerability that has been reportedly exploited in targeted attacks. This vulnerability, identified as CVE-2025-43300, resides in the Image I/O framework of macOS, affecting how apps handle image files. By exploiting this flaw, attackers can manipulate device memory, potentially leading to system crashes or unauthorized code execution.
Apple has improved memory bounds checking to close this security gap. While the initial attacks were sophisticated and targeted at high-value individuals, there is a risk that the vulnerability could be used in broader attacks. Therefore, it is crucial for all users to update their devices promptly.
For iOS and iPadOS, users should navigate to Settings > General > Software Update to ensure they are running iOS 18.6.2 or iPadOS 18.6.2, or 17.7.10 for older models. Mac users should access System Settings via the Apple menu, select Software Update, and follow the prompts to install any available updates. It is advisable to enable Automatic Updates and save any work before restarting, as updates may require multiple reboots.
By updating, users bolster their system’s defenses, reducing the risk of exploitation.
