Apple rapidly released security patches for its iOS, iPadOS, and macOS devices to fix a zero-day vulnerability exploited in targeted attacks. This out-of-bounds write bug in the ImageIO framework could lead to memory corruption and was potentially exploited by commercial spyware vendors. #CVE-2025-43300 #ImageIO
Keypoints
- Apple issued urgent security updates for multiple operating systems to fix a zero-day vulnerability.
- The flaw, CVE-2025-43300, affects the ImageIO framework and allows malicious image files to cause memory corruption.
- The vulnerability has been exploited in highly targeted, sophisticated attacks, possibly by spyware vendors.
- Patches were included in recent updates for iOS 18.6.2, iPadOS 18.6.2, macOS Sequoia 15.6.1, Sonoma 14.7.8, and Ventura 13.7.8.
- All users are urged to update their devices immediately to mitigate the risk of exploitation.
Read More: https://www.securityweek.com/apple-patches-zero-day-exploited-in-targeted-attacks/