dark
Hand-Picked Top-Read Stories
Trending Tags
2 minute read

Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices

Avatar
info@thehackernews.com (The Hacker News)
April 1, 2025
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below – CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate
Total
0
Shares
0
0
0
[[{“value”:”

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.

The vulnerabilities in question are listed below –

CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges
CVE-2025-24200 (CVSS score: 4.6) – An authorization issue in the Accessibility component that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack
CVE-2025-24201 (CVSS score: 8.8) – An out-of-bounds write issue in the WebKit component that could allow an attacker to craft malicious web content such that it can break out of the Web Content sandbox

The updates are now available for the following operating system versions –

CVE-2025-24085 – Fixed in macOS Sonoma 14.7.5, macOS Ventura 13.7.5, and iPadOS 17.7.6
CVE-2025-24200 – Fixed in iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, and iPadOS 16.7.11
CVE-2025-24201 – Fixed in iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, and iPadOS 16.7.11

The fixes cover the following devices –

iOS 15.8.4 and iPadOS 15.8.4 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
iOS 16.7.11 and iPadOS 16.7.11 – iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
iPadOS 17.7.6 – iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation

The development comes as the tech giant released iOS 18.4 and iPadOS 18.4 to remedy 62 flaws, macOS Sequoia 15.4 to plug 131 flaws, tvOS 18.4 to resolve 36 flaws, visionOS 2.4 to patch 38 flaws, and Safari 18.4 to fix 14 flaws.

While none of the newly disclosed shortcomings have come under active exploitation, users are recommended to update their devices to the latest version to safeguard against potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign

April 1, 2025
Next Post

Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing

April 1, 2025
Related Posts
2 min

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a "critical patch" but deploy a backdoor instead. WordPress security company Patchstack described the activity as sophisticated and a variant of another campaign observed in December 2023 that employed a fake CVE ploy to breach sites running
Avatar
info@thehackernews.com (The Hacker News)
April 28, 2025
Read More