Apple on Monday backported fixes for 3 vulnerabilities which have come below lively exploitation within the wild to older fashions and former variations of the working techniques.
The vulnerabilities in query are listed beneath –
- CVE-2025-24085 (CVSS rating: 7.3) – A use-after-free bug within the Core Media element that might allow a malicious software already put in on a tool to raise privileges
- CVE-2025-24200 (CVSS rating: 4.6) – An authorization situation within the Accessibility element that might make it attainable for a malicious actor to disable USB Restricted Mode on a locked system as a part of a cyber bodily assault
- CVE-2025-24201 (CVSS rating: 8.8) – An out-of-bounds write situation within the WebKit element that might enable an attacker to craft malicious net content material such that it could actually get away of the Net Content material sandbox
The updates are actually accessible for the next working system variations –
The fixes cowl the next gadgets –
- iOS 15.8.4 and iPadOS 15.8.4 – iPhone 6s (all fashions), iPhone 7 (all fashions), iPhone SE (1st technology), iPad Air 2, iPad mini (4th technology), and iPod contact (seventh technology)
- iOS 16.7.11 and iPadOS 16.7.11 – iPhone 8, iPhone 8 Plus, iPhone X, iPad fifth technology, iPad Professional 9.7-inch, and iPad Professional 12.9-inch 1st technology
- iPadOS 17.7.6 – iPad Professional 12.9-inch 2nd technology, iPad Professional 10.5-inch, and iPad sixth technology
The event comes because the tech large launched iOS 18.4 and iPadOS 18.4 to treatment 62 flaws, macOS Sequoia 15.4 to plug 131 flaws, tvOS 18.4 to resolve 36 flaws, visionOS 2.4 to patch 38 flaws, and Safari 18.4 to repair 14 flaws.
Whereas not one of the newly disclosed shortcomings have come below lively exploitation, customers are really helpful to replace their gadgets to the newest model to safeguard towards potential threats.
Source link