Apple has rolled out urgent security updates to address a critical zero-day vulnerability (CVE-2025-24200) that has been actively exploited in highly sophisticated cyberattacks. The flaw, affecting iPhones and iPads, allows attackers to disable USB Restricted Mode on locked devices, potentially exposing sensitive data. This development underscores the persistent threats targeting high-profile individuals and the need for immediate updates.
The flaw is an authorization issue that enables attackers to bypass USB Restricted Mode, a security feature introduced in iOS 11.4.1 to prevent unauthorized data extraction. The attack, classified as “extremely sophisticated,” appears to require physical access to the device, suggesting its potential use in cyber-physical operations such as forensic extractions or espionage.
Citizen Lab security researcher Bill Marczak discovered and reported the issue, which Apple has patched in iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 through improved state management.
Apple’s advisory lists a wide range of devices impacted by this flaw:
Users are strongly advised to update their devices immediately to block potential ongoing attack attempts.
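For teams managing many devices, the fixed releases named above can be checked against an inventory export. The following is an added example, not Apple's tooling or code from the original article; the CSV columns, device names and status labels are constructed for illustration, and it assumes that major releases newer than those listed already include the fix.

```python
import csv
import io

# Fixed releases exactly as named in the article, keyed by (platform, major).
FIXED = {("iOS", 18): (18, 3, 1), ("iPadOS", 18): (18, 3, 1), ("iPadOS", 17): (17, 7, 5)}

def parse_version(text):
    """Turn '18.3' into (18, 3, 0); raise ValueError if it is not dotted numeric."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 3 or min(parts) < 0:
        raise ValueError(text)
    return tuple(parts + [0] * (3 - len(parts)))

def classify(platform, version_text):
    """Return patched, update-required, no-listed-fix or unknown for one device."""
    majors = [m for (p, m) in FIXED if p == platform]
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unknown"          # unparseable version: needs a manual look
    if not majors:
        return "unknown"          # platform the article does not mention
    fixed = FIXED.get((platform, version[0]))
    if fixed is not None:
        return "patched" if version >= fixed else "update-required"
    # Assumption: major releases newer than the listed ones already carry the fix.
    # Older trains have no fixed build named in the article, so flag them for review.
    return "patched" if version[0] > max(majors) else "no-listed-fix"

def audit(inventory_csv):
    """Map device name -> status for a CSV with device, platform, os_version columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["device"]: classify(r["platform"], r["os_version"]) for r in rows}

# Constructed sample inventory (hypothetical device names).
SAMPLE = """\
device,platform,os_version
iphone-01,iOS,18.3.1
iphone-02,iOS,18.3
iphone-03,iOS,17.7.2
ipad-01,iPadOS,17.7.5
ipad-02,iPadOS,17.7.4
ipad-03,iPadOS,18.4
ipad-04,iPadOS,n/a
"""

if __name__ == "__main__":
    for device, status in audit(SAMPLE).items():
        print(f"{device:10} {status}")
```

Devices reported as `no-listed-fix` or `unknown` should be checked against Apple's own advisory, since the article names fixed builds only for the iOS 18, iPadOS 18 and iPadOS 17 trains.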
This marks yet another instance of zero-day vulnerabilities being exploited in real-world attacks. In recent years, Apple has faced a growing number of such threats:
Apple’s ongoing struggle against zero-day threats highlights the sophistication of adversaries targeting its ecosystem. Commercial surveillance tools, often used against high-risk individuals such as journalists, politicians, and activists, have leveraged many of these vulnerabilities.
One primary concern surrounding zero-day exploits is their use by state-backed and commercial surveillance vendors. Tools like NSO Group’s Pegasus spyware are marketed as essential for law enforcement but have often been linked to political espionage and human rights violations.
Despite claims that such tools are strictly regulated, history has shown that government agencies and private firms continue to weaponize these exploits, making it imperative for users to stay vigilant and update their devices.
If you own an affected iPhone or iPad, take the following steps immediately:
Apple’s latest zero-day fix reminds us that even the most secure platforms are not immune to attacks. Cyber threats are evolving rapidly, and bad actors continually find new ways to exploit vulnerabilities. While Apple remains at the forefront of security innovation, users must remain proactive in safeguarding their devices against potential breaches.
Cybersecurity is a shared responsibility. Stay informed, stay updated, and remain secure.
Resources:
https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html