Apple Patches Zero-Day Vulnerability Across Platforms

Apple patched a zero-day vulnerability (CVE-2025-43300) in the Image I/O framework.

The vulnerability allowed attackers to perform out-of-bounds writes, potentially leading to memory corruption and arbitrary code execution.

Crypto users are at higher risk due to the irreversible nature of stolen digital assets.

Immediate action: Update your iPhone/iPad via Settings > General > Software Update and Macs via System Settings > General > Software Update.

This flaw was reportedly used in targeted attacks, but could easily be recycled into broader campaigns.

iOS 18.6.2 and iPadOS 18.6.2 (iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later)

iPadOS 17.7.10 (iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation)

macOS Sequoia 15.6.1

macOS Sonoma 14.7.8

macOS Ventura 13.7.8

Q: What is a zero-day vulnerability?

Q: How do I update my Apple device?

Q: Why is this vulnerability particularly dangerous for crypto users?

Update your Apple devices (iPhones, iPads, and Macs) immediately to the latest software versions.

Enable automatic updates to ensure you receive security patches promptly.

If you use your Apple device for cryptocurrency storage or transactions, consider migrating to new wallet keys if you suspect any compromise.

Stay vigilant for any unusual activity on your devices, though spotting signs of exploitation can be difficult.

This vulnerability highlights the importance of keeping software up-to-date to protect against potential threats.