Apple Releases Security Updates to Patch Actively Exploited Vulnerability
Apple has released new versions of its operating systemsβiOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3. These updates include patches for a zero-day vulnerability that was being actively exploited in attacks.
About the Vulnerability
The critical flaw, identified as CVE-2025-24085, is a use-after-free issue in the Core Media component. A malicious app could exploit this vulnerability to escalate privileges on the system.
βWe are aware of reports that CVE-2025-24085 has been exploited in real-world cyberattacks targeting users of iOS versions prior to 17.2,β Apple stated.
Patched Operating System Versions
The following operating system versions include the security patch:
- iOS 18.3 and iPadOS 18.3: Available for iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later).
- macOS Sequoia 15.3: Available for Mac computers running macOS Sequoia.
- tvOS 18.3: Available for all Apple TV HD and Apple TV 4K models.
- visionOS 2.3: Available for Apple Vision Pro devices.
- watchOS 11.3: Available for Apple Watch Series 6 and later.
Additional Information
At this time, technical details about how the vulnerability is being exploited have not been disclosed.