- Apple released security updates for a critical flaw (CVE-2025-43300) affecting multiple devices and operating systems.
- The flaw, an out-of-bounds write issue in ImageIO, has been exploited in targeted attacks.
- A WhatsApp vulnerability (CVE-2025-55177) was used together with the Apple flaw to deliver spyware to less than 200 individuals.
- Updates are available for both current and older versions of iOS, iPadOS, and macOS devices.
- The patches also address multiple other security issues across Apple platforms, though none besides CVE-2025-43300 have been exploited in the wild.
Apple released security updates on Monday addressing a major vulnerability impacting ImageIO, a system component found in its operating systems. The flaw, tracked as CVE-2025-43300 and given a CVSS score of 8.8, could let attackers cause memory corruption simply by getting users to open a harmful image file.
According to Apple, they are aware that this flaw has been used in a “highly sophisticated attack against specific targeted individuals.” The company first provided fixes in late August through iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Ventura 13.7.8, macOS Sonoma 14.7.8, and macOS Sequoia 15.6.1.
WhatsApp also identified a weakness in its apps for iOS and macOS, identified as CVE-2025-55177 (CVSS 5.4), which was paired with the Apple ImageIO bug in spyware incidents. These attacks reportedly targeted fewer than 200 people.
The most recent updates have now been extended to earlier device models, including fixes in iOS 16.7.12 and iPadOS 16.7.12 (available for iPhone 8, iPhone 8 Plus, iPhone X, and older iPad models) and iOS 15.8.5 and iPadOS 15.8.5 (covering iPhone 6s, iPhone 7, iPhone SE 1st gen, certain iPad models, and iPod touch 7th gen).
In addition to the main fixes, Apple rolled out security enhancements with recent releases including iOS 26, iPadOS 26, iOS 18.7, macOS Tahoe 26, and several others. These updates address additional security flaws including authorization problems, Sandbox escapes, privilege gains, and a Git vulnerability in Xcode that could enable remote code execution.
No other vulnerabilities listed by Apple have been reported as exploited. The company advises users to keep their software up to date for the best security protection.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Pantera CEO Predicts Bitcoin to Hit $750K by 2028, $1M by 2030
- Crypto Super PAC Pledges $100M to Back Pro-Trump Candidates
- Cardano Eyes Breakout: ADA Price Targets $1.23 Amid Bullish Setup
- Fidelity: 42% of Bitcoin Supply Could Be Illiquid by 2032
- Dogecoin Eyes $0.31 as Bullish Pattern Signals Breakout Potential
