Tracked as CVE-2025-24201, the vulnerability was exploited in older versions of the mobile operating system, allowing attackers to escape the web content sandbox. Apple warned that the vulnerability "may have been exploited in a highly sophisticated attack against specific individuals on versions of iOS prior to iOS 17.2."
iOS 18.3.2 has been released with the sole purpose of patching a single but serious bug
According to the company, this update is an addition to the protections implemented in iOS 17.2. Apple emphasizes that to protect users, it will not disclose, discuss, or confirm security issues until the investigation is complete and a patch is released. The security flaw was described as an out-of-bounds write issue and was fixed through improved checks to prevent unauthorized actions.
To update to iOS 18.3.2, compatible iPhone users should go to the Settings app, then select General > Software Update and follow the instructions.
Consecutive serious vulnerabilities in Apple's mobile operating system
The iOS 18.3.2 update comes just a month after Apple patched another vulnerability that allowed attackers to gain direct access to a locked iPhone or iPad, thereby disabling USB Restricted Mode - a key security feature. The bug was discovered by Bill Marczak of The Citizen Lab at the Munk School of Diplomacy at the University of Toronto. The bug could lead to "highly sophisticated attacks against specific individuals."
USB Restricted Mode is a security feature that blocks data access via the Lightning/USB-C port of an iPhone or iPad once the device has been locked for more than 1 hour, preventing hacking tools from connecting via USB to crack the password or extract data.
Source: https://thanhnien.vn/apple-phat-hanh-ios-1832-giai-quyet-lo-hong-nghiem-trong-185250312071652292.htm