dark
Hand-Picked Top-Read Stories
Trending Tags
2 minute read

Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices

Avatar
info@thehackernews.com (The Hacker News)
April 1, 2025
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below – CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate
Total
0
Shares
0
0
0
[[{“value”:”

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.

The vulnerabilities in question are listed below –

CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges
CVE-2025-24200 (CVSS score: 4.6) – An authorization issue in the Accessibility component that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack
CVE-2025-24201 (CVSS score: 8.8) – An out-of-bounds write issue in the WebKit component that could allow an attacker to craft malicious web content such that it can break out of the Web Content sandbox

The updates are now available for the following operating system versions –

CVE-2025-24085 – Fixed in macOS Sonoma 14.7.5, macOS Ventura 13.7.5, and iPadOS 17.7.6
CVE-2025-24200 – Fixed in iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, and iPadOS 16.7.11
CVE-2025-24201 – Fixed in iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, and iPadOS 16.7.11

The fixes cover the following devices –

iOS 15.8.4 and iPadOS 15.8.4 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
iOS 16.7.11 and iPadOS 16.7.11 – iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
iPadOS 17.7.6 – iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation

The development comes as the tech giant released iOS 18.4 and iPadOS 18.4 to remedy 62 flaws, macOS Sequoia 15.4 to plug 131 flaws, tvOS 18.4 to resolve 36 flaws, visionOS 2.4 to patch 38 flaws, and Safari 18.4 to fix 14 flaws.

While none of the newly disclosed shortcomings have come under active exploitation, users are recommended to update their devices to the latest version to safeguard against potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign

April 1, 2025
Next Post

Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing

April 1, 2025
Related Posts
2 min

AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar

The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it's also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here's the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind. But you’re not alone—and
Avatar
info@thehackernews.com (The Hacker News)
April 3, 2025
Read More
14 min

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source
Avatar
info@thehackernews.com (The Hacker News)
March 17, 2025
Read More