Cyber Security News

Apple Security Update – Patch for iOS Zero-day, MacOS & More

Apple has responded to a newly discovered zero-day vulnerability affecting its operating systems by releasing an array of security updates to protect users from potential exploitation.

The updates span iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and Safari, demonstrating Apple’s commitment to user security and privacy.

Patch Details

The updates, released on January 27, 2025, include vital fixes for supported Apple devices, ranging from iPhones and iPads to Macs, Apple TVs, and even the cutting-edge Vision Pro. Among the notable updates are:

  • iOS 18.3 and iPadOS 18.3: Available for iPhone XS and later, as well as a variety of iPad models, these updates address a zero-day vulnerability that could potentially allow attackers to execute arbitrary code on compromised devices. Apple strongly urges all users to update their devices immediately.
  • macOS Sequoia 15.3, Sonoma 14.7.3, and Ventura 13.7.3: Critical patches for macOS users to mitigate vulnerabilities that may impact system stability and security. These updates cover a wide range of Macs, including MacBooks, iMacs, and Mac Studios.
  • watchOS 11.3: Available for Apple Watch Series 6 and later, this update enhances security and ensures compatibility with other recently updated Apple systems.
  • tvOS 18.3 and visionOS 2.3: Updates for Apple TV and the Vision Pro headset include improvements to performance, security, and app compatibility.
  • Safari 18.3: Focused on macOS Ventura and Sonoma, this browser update resolves security vulnerabilities and enhances web browsing performance.

Are you from SOC/DFIR Teams? - Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free

Highlighting the Zero-Day Vulnerability

Apple has implemented these updates in response to active exploits targeting vulnerabilities that were identified in late 2024.

Although Apple typically refrains from disclosing specifics about security flaws until an investigation is complete, experts suggest the targeted vulnerabilities allowed attackers to bypass memory protections and compromise devices running outdated software.

Users running older versions of iOS, macOS, or Safari were particularly at risk.This patch rollout further underscores Apple’s use of Rapid Security Responses, which have become a cornerstone of its security strategy.

These responses allow the company to quickly address urgent vulnerabilities without the need for full-scale software updates.

Apple recommends that users enable automatic updates to ensure their devices remain secure. Here’s how you can manually update your devices:

  • iPhone/iPad: Navigate to Settings > General > Software Update.
  • Mac: Open the System Settings and select Software Update.
  • Apple Watch: Use the Watch app on your iPhone and go to General > Software Update.
  • Apple TV: Visit Settings > System > Software Updates.
  • Vision Pro: Updates for visionOS can be applied via the Vision Pro settings menu.

Cybersecurity experts emphasize the importance of keeping devices updated to reduce exposure to malware, ransomware, and other cyber threats.

By rapidly addressing vulnerabilities, Apple continues to safeguard its ecosystem and users worldwide.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S.…

4 hours ago

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious…

5 hours ago

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in…

8 hours ago

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging…

9 hours ago

Threat Actors Target Critical National Infrastructure with New Malware and Tools

A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term…

10 hours ago

New StealC V2 Upgrade Targets Microsoft Installer Packages and PowerShell Scripts

StealC, a notorious information stealer and malware downloader first sold in January 2023, has rolled…

11 hours ago