
Apple Rushes Emergency iOS Update to Fix Actively Exploited Zero-Day Vulnerability

Apple's emergency update addresses a serious security flaw. Upgrade now to protect your device from potential state-sponsored attacks.


Apple has rushed out an emergency security update, iOS 18.3.1 and iPadOS 18.3.1, to patch a zero-day vulnerability (CVE-2025-24200) actively exploited in the wild. The update is crucial for iPhone XS and later, iPad Pro models, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.

The vulnerability, discovered by Bill Marczak of the University of Toronto's Munk School, is an 'authorization issue' that can be exploited in a physical attack to disable USB Restricted Mode on a locked device. Apple's updated documentation reflects the increased threat from mercenary spyware.

The Citizen Lab, known for uncovering numerous zero-day threats, has linked the attacker behind the exploit to an advanced persistent threat group associated with a foreign nation-state. While specific attribution is not confirmed, the group is suspected to be connected to a government-sponsored hacking unit. Apple patched 20 zero-days in 2023, including three actively exploited iOS zero-days found by Marczak and Google's Maddie Stone.

Adam Boynton, senior security strategy manager EMEIA at Jamf, urges all iOS users to upgrade their devices immediately to protect against attackers. The update fixes the critical vulnerability and improves state management, ensuring users' security and privacy.
