Apple has patched a zero-click vulnerability in iOS, iPadOS, and macOS that could have allowed attackers to steal sensitive data, including cryptocurrency wallets. The flaw, tied to the Image I/O framework, has already been linked to a sophisticated attack against specific targeted individuals. Apple urges all users to update their devices immediately. Security experts warn that cryptocurrency users face higher risks due to the irreversible nature of digital asset transfers.
Apple has released critical security updates for iOS, iPadOS, and macOS, addressing a zero-click vulnerability in the Image I/O framework. This vulnerability, tracked as CVE-2025-43300, could have allowed attackers to execute code without user interaction, potentially compromising sensitive data, including cryptocurrency wallets. The flaw affects macOS Ventura before version 13.7, macOS Sonoma before version 14.7, macOS Sequoia before version 15.6, iOS before 18.6, and iPadOS before 17.7 and 18.6.
The vulnerability stems from improper memory handling in Image I/O while processing crafted images. An attacker can trigger out-of-bounds memory writes that enable execution of arbitrary code. Once code runs, attackers can access local data, credentials, and wallet signing processes. Apple has not provided a severity score for this vulnerability but has stated that it was aware of a report indicating the issue may have been exploited in a highly targeted attack against specific individuals [1].
Apple has released the following patches for affected devices:
- macOS Ventura 13.7.8
- macOS Sonoma 14.7.8
- macOS Sequoia 15.6.1
- iOS 18.6.2
- iPadOS 17.7.10
- iPadOS 18.6.2
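The release list above can be turned into a fleet check. The following is an added example, not code from Apple or the cited sources; the CSV layout, hostnames and status labels are assumptions made for illustration.

```python
import csv
import io

# Fixed releases as listed in the article, keyed by (platform, major version).
PATCHED = {
    ("macOS", 13): (13, 7, 8),
    ("macOS", 14): (14, 7, 8),
    ("macOS", 15): (15, 6, 1),
    ("iOS", 18): (18, 6, 2),
    ("iPadOS", 17): (17, 7, 10),
    ("iPadOS", 18): (18, 6, 2),
}

def parse_version(text):
    """Turn '17.7.10' into (17, 7, 10); pad so '15.6' compares as 15.6.0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def classify(platform, version):
    """Return 'patched', 'vulnerable', or 'unlisted' for one device."""
    try:
        current = parse_version(version)
    except ValueError:
        return "unlisted"  # unparseable version string: needs manual review
    fixed = PATCHED.get((platform, current[0]))
    if fixed is None:
        return "unlisted"  # release line with no fix named in the article
    # Tuple comparison is numeric per component, so 17.7.10 > 17.7.9.
    return "patched" if current >= fixed else "vulnerable"

def audit(inventory_csv):
    """Map each host in a CSV inventory (host,platform,version) to a status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["platform"], r["version"]) for r in rows}

# Constructed sample inventory (hypothetical MDM export; hostnames are made up).
SAMPLE = """host,platform,version
mbp-finance-01,macOS,15.6
mbp-dev-02,macOS,14.7.8
iphone-ceo,iOS,18.6.2
ipad-kiosk-03,iPadOS,17.7.9
ipad-kiosk-04,iPadOS,17.7.10
imac-lobby,macOS,12.7.6
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host:16} {status}")
```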
Security experts have urged all users to update their devices immediately, particularly those in industries most at risk of spyware attacks. Cryptocurrency users face heightened risks due to the irreversible nature of digital asset transfers. If you suspect your device has been targeted or if you store high-value keys on it, it is advisable to migrate to new keys generated on a verified-clean device or hardware wallet [1].
For high-value targets, the following steps are recommended:
1. Update all Apple devices to the latest patch releases immediately.
2. Secure primary recovery channels — email and cloud accounts — with new, unique passwords and enable strong authentication.
3. If you suspect compromise, migrate funds to a new wallet with new keys generated on a known-clean device or hardware wallet.
4. Revoke app permissions and key access where possible, and rotate API keys or integration credentials.
5. Document indicators of compromise and consult incident response professionals if significant funds are at risk.
Apple's patch for the Image I/O zero-click vulnerability is critical for all users and urgent for cryptocurrency holders. Update devices, secure recovery accounts, and consider key rotation or hardware wallets to reduce exposure. Monitor official advisories and maintain rigorous device hygiene to protect digital assets.
References:
[1] https://en.coinotag.com/apple-says-patch-addresses-zero-click-image-flaw-that-could-put-bitcoin-wallets-at-risk-users-urged-to-update/
[2] https://www.infosecurity-magazine.com/news/apple-patch-likely-exploited-zero/