Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register account icon
S&P 500
7,611.57
(
0.15%
)
US TECH 100
29,762.40
(
0.18%
)
Dow Jones
51,032.21
(
-0.09%
)
Brent Oil
94.15
(
-1.90%
)
Bitcoin
67,919.24
(
-4.83%
)
News Focus
News Focus
Post# of 718
Next 10
Public Reply Private Reply New Post
Keep Last Read
Keep Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Ranb2khz

Send PM Follow Ignore
Followers 445
Posts 16876
Boards Moderated 9
Alias Born 07/16/2008

Ranb2khz

Member Level

Re: None

Tuesday, 04/01/2025 7:49:48 AM

Tuesday, April 01, 2025 7:49:48 AM

Post# of 718
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices

~ by Ravie Lakshmanan Apr 01, 2025

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.

The vulnerabilities in question are listed below:

CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges

CVE-2025-24200 (CVSS score: 4.6) – An authorization issue in the Accessibility component that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack

CVE-2025-24201 (CVSS score: 8.8) – An out-of-bounds write issue in the WebKit component that could allow an attacker to craft malicious web content such that it can break out of the Web Content sandbox

The updates are now available for the following operating system versions:

• CVE-2025-24085 – Fixed in macOS Sonoma 14.7.5, macOS Ventura 13.7.5, and iPadOS 17.7.6
• CVE-2025-24200 – Fixed in iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, and iPadOS 16.7.11
• CVE-2025-24201 – Fixed in iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, and iPadOS 16.7.11

The fixes cover the following devices:

• iOS 15.8.4 and iPadOS 15.8.4 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

• iOS 16.7.11 and iPadOS 16.7.11 – iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation

• iPadOS 17.7.6 – iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation

The development comes as the tech giant released iOS 18.4 and iPadOS 18.4 to remedy 62 flaws, macOS Sequoia 15.4 to plug 131 flaws, tvOS 18.4 to resolve 36 flaws, visionOS 2.4 to patch 38 flaws, and Safari 18.4 to fix 14 flaws.

While none of the newly disclosed shortcomings have come under active exploitation, users are recommended to update their devices to the latest version to safeguard against potential threats.
________________

Article Link:

https://thehackernews.com/2025/04/apple-backports-critical-fixes-for-3.html






Where will you spend ETERNITY?

Public Reply Private Reply New Post
Keep Last Read
Keep Last Read Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Discover What Traders Are Watching

Explore small cap ideas before they hit the headlines.

Join Today