Apple has issued emergency security updates to address a zero-day vulnerability in iOS, iPadOS, and macOS that was actively exploited in targeted attacks. The flaw, tracked as CVE-2025-43300, resides in Apple’s ImageIO framework, a system responsible for handling image file formats. The vulnerability allows malicious actors to trigger memory corruption by processing specially crafted image files.
Apple stated that it is aware of reports that the issue may have been used in an “extremely sophisticated attack against specific targeted individuals.” The company addressed the flaw in iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, and several macOS versions, including macOS 14.7.8, macOS Ventura 13.7.8, and macOS Sequoia 15.6.1.
The vulnerability stems from an out-of-bounds write issue, which Apple resolved by improving bounds checking in the affected components. The flaw lets an attacker write to memory outside the intended buffer, potentially leading to unauthorized code execution. Experts warn that such vulnerabilities can be exploited to run malicious code on a device without user interaction (so-called zero-click attacks), making them particularly dangerous in high-risk scenarios. Jake Moore, global cybersecurity advisor at ESET, noted that memory corruption vulnerabilities can be weaponized to crash apps or even execute arbitrary code, potentially leading to complete device compromise.
While Apple did not disclose the identities of those targeted or the attackers, the nature of the exploit aligns with known methods used in spyware campaigns. Security researchers have linked similar ImageIO and WebKit flaws to Pegasus spyware operations. Sylvain Cortes, VP strategy at Hackuity, confirmed that the patched vulnerability could enable zero-click attacks via malicious messages, typically delivered through messaging apps like iMessage or WhatsApp. These attacks can bypass end-to-end encryption and silently install surveillance malware on the target device. Apple released the patch just three weeks after its previous major security update, which addressed 29 vulnerabilities, indicating an accelerating threat landscape.
The company has now addressed seven zero-day flaws exploited in real-world attacks since the beginning of the year, including CVE-2025-24085, CVE-2025-24200, CVE-2025-24201, CVE-2025-31200, CVE-2025-31201, and CVE-2025-43200. In addition to CVE-2025-43300, Apple also released patches for a Safari vulnerability exploited as a zero-day in the Chrome browser. The updated versions are available for a range of devices, including iPhone XS and later models, various iPad Pro and iPad Air models, and select Mac devices running macOS Ventura, Sonoma, or Sequoia.
Security experts emphasize the urgency of applying the update, particularly for users in high-risk sectors such as journalism, law, and public affairs. While the vulnerability is currently used in highly targeted attacks, history shows that such exploits often expand into broader campaigns. Pieter Arntz, a researcher at Malwarebytes, warned that attackers may repurpose the same flaw to target everyday users if not mitigated promptly. Sean Wright, head of application security at Featurespace, added that while the exploit appears complex and unlikely to affect the general public, users are advised to apply the fix immediately to mitigate risk.
Source:
[1] CVE-2025-43300 Detail - NVD (https://nvd.nist.gov/vuln/detail/CVE-2025-43300)
[2] About the security content of iOS 18.6.2 and iPadOS 18.6.2 (https://support.apple.com/en-us/124925)
[3] Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS ... (https://thehackernews.com/2025/08/apple-patches-cve-2025-43300-zero-day.html)
[4] iOS 18.6.2—Update Now Warning Issued To All iPhone ... (https://www.forbes.com/sites/kateoflahertyuk/2025/08/22/ios-1862-update-now-warning-issued-to-all-iphone-users/)
