The urgent patches, released as iOS 18.6.2 and iPadOS 18.6.2, address a memory corruption vulnerability that could be triggered by processing a specially crafted image file.
According to Apple’s security advisory, the company is “aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
At the heart of the issue is an out-of-bounds write within the ImageIO framework, a component fundamental to how Apple’s operating systems handle and render various image formats.
By sending a malicious image, an attacker could write data outside of the intended memory buffer. This type of memory corruption flaw is a classic vector for achieving arbitrary code execution, potentially allowing an attacker to take full control of an affected device.
The targeted nature of the exploit suggests the involvement of sophisticated threat actors, such as state-sponsored groups developing spyware.
This attack pattern is similar to past zero-click exploits used to deploy surveillance tools like Pegasus, where victims are compromised simply by receiving a file via a messaging app, with no user interaction required.
In response to this threat, Apple has made security patches available for a wide range of devices:
The fix addresses the vulnerability by implementing improved bounds checking, preventing the out-of-bounds write from occurring. Apple has credited itself with the discovery of the vulnerability, which is common practice when a flaw is identified internally or through the analysis of an ongoing attack.
The active exploitation of CVE-2025-43300 elevates it from a theoretical risk to a clear and present danger for users of unpatched devices.
Security researchers and Apple alike strongly advise all users to install the updates immediately through the Software Update function in their device’s Settings to protect themselves from these targeted attacks.
Safely detonate suspicious files to uncover threats, enrich your investigations, and cut incident response time. Start with an ANYRUN sandbox trial →
The post Critical Apple 0-Day Vulnerability Actively Exploited in the Wild – Update Now appeared first on Cyber Security News.
Security researchers have identified a new ClickFix social engineering campaign that abuses Windows Terminal to…
Security researchers have uncovered a malicious Chrome extension impersonating the popular cryptocurrency wallet imToken, designed…
Microsoft Defender researchers have warned about malicious browser extensions impersonating AI assistant tools that secretly…
Linux rootkits are becoming more advanced as attackers move beyond old kernel module tricks and…
A newly discovered critical flaw in Nginx UI exposes servers to complete data compromise by…
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical Hikvision vulnerability to…
This website uses cookies.