{"id":15142,"date":"2025-08-22T01:35:07","date_gmt":"2025-08-22T01:35:07","guid":{"rendered":"https:\/\/www.europesays.com\/ie\/15142\/"},"modified":"2025-08-22T01:35:07","modified_gmt":"2025-08-22T01:35:07","slug":"apple-issues-emergency-update-to-fix-zero-day-flaw-in-imageio-framework","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ie\/15142\/","title":{"rendered":"Apple issues emergency update to fix zero-day flaw in ImageIO framework"},"content":{"rendered":"

Apple Inc. has released an emergency security update to address a zero-day vulnerability in its ImageIO framework that has been actively exploited in the wild.<\/p>\n

A zero-day is a previously unknown software vulnerability that is discovered by attackers before the developer has created a fix. The ImageIO framework is a core component of Apple\u2019s operating systems responsible for handling various image file formats.<\/p>\n

The zero-day in this case, tracked as CVE-2025-43300, is described by Apple<\/a> as allowing for the processing of a malicious image file that may result in memory corruption. Apple confirmed it is aware of reports that the vulnerability may have been exploited in targeted attacks before the patch was released, though the company did not provide details about the scope or attribution.<\/p>\n

The patches, released on Aug. 20, cover iOS, iPadOS and macOS. The fix is included in iOS 18.6.2 and iPadOS 18.6.2 for current devices, iPadOS 17.7.10 for older models and macOS Sequoia 15.6.1, Sonoma 14.7.8 and Ventura 13.7.8.<\/p>\n

Users are advised to update their devices immediately to the latest versions. On iPhones and iPads, updates can be installed under Settings > General > Software Update, while Mac users can apply them through System Settings > General > Software Update.<\/p>\n

Discussing the vulnerability, Adam Boynton, senior security strategy manager at Apple device management company Jamf Holding Corp.<\/a>, told SiliconANGLE via email that \u201cApple has indicated that this vulnerability has been exploited in sophisticated, targeted attacks, which typically focus on individuals with highly valued access or contacts, such as journalists, lawyers, activists and government officials.\u201d<\/p>\n

\u201cWhile Apple has not confirmed whether this specific flaw was linked to spyware, similar vulnerabilities in ImageIO and WebKit have previously been used in Pegasus campaigns,\u201d Boynton added. \u201cEven though the exploitation appears targeted, we recommend that all users update to iOS 18.6.2 immediately, particularly those in industries most at risk of spyware attacks.\u201d<\/p>\n

Satnam Narang, senior staff research engineer at exposure management company Tenable Holdings Inc.<\/a>, commented that \u201ctraditionally, Apple has limited the amount of detail it shares about in-the-wild exploitation of zero-days across Apple products. However, they rarely use the language of \u2018an extremely sophisticated attack against specific targeted individuals.’\u201d<\/p>\n

\u201cBased on my assessment, Apple started using this language in 2025 for other CVEs, including CVE-2025-24201, CVE-2025-24200, CVE-2025-31200, CVE-2025-43200, and CVE-2025-43300,\u201d added Narang. \u201cThis language suggests that Apple is being purposeful in its external communication.\u201d<\/p>\n

Image: SiliconANGLE\/Reve<\/p>\n

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE\u2019s Alumni Trust Network<\/strong>, where technology leaders connect, share intelligence and create opportunities.<\/p>\n