According to Bleeping Computer , Apple has just released an emergency update to patch a new zero-day vulnerability, exploited in an attack that the company describes as “extremely sophisticated”.
The vulnerability, identified as CVE-2025-43300, stems from an out-of-bounds write error in the Image I/O framework – a component that allows applications to read and write most image formats.
iPhone users from XS and above need to pay attention
When exploited, this bug can cause the program to crash, corrupt data, and in the worst case scenario, even open the way for an attacker to execute remote code just by processing a malicious image file.
Apple said the vulnerability was fixed by improving the memory limit checking mechanism, and released patches for multiple platforms, including iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, Sonoma 14.7.8, and Ventura 13.7.8.
iPhone XS and later models may be affected by new zero-day vulnerability
This means most iPhone models from XS and up, iPads from the 6th generation, and many new and old iPad Pro and Mac models are affected.
Although Apple has not yet announced details about the attack method or the targeted objects, the company recommends that users should update immediately to avoid the risk of being exploited.
With this patch, Apple has addressed a total of six zero-day vulnerabilities exploited in the wild since the beginning of 2025, continuing a series of emergency patches the company must issue throughout 2024 to deal with increasingly sophisticated threats.
Source: https://nld.com.vn/nguoi-dung-iphone-xs-tro-len-can-biet-thong-tin-nay-de-tranh-bi-hack-196250821174714317.htm
Comment (0)