Apple has released a series of critical security updates to address vulnerabilities that were actively exploited as zero-day threats. These updates include backported patches for older versions of iOS, iPadOS, macOS, and watchOS, aiming to secure devices that may still be running outdated software.
A key focus of these updates is the backporting of zero-day patches to older devices, reflecting the ongoing efforts to mitigate risks across a broad range of hardware. Notable vulnerabilities include CVE-2025-24200 and CVE-2025-24201, both of which were actively exploited before patches were issued.
Backporting Zero-Day Fixes
The vulnerability CVE-2025-24200 allowed mobile forensic tools to bypass the USB Restricted Mode on locked devices, a feature designed to prevent unauthorized data access via USB ports. This flaw was addressed with the release of iOS 18.3.1, iPadOS 18.3.1, and macOS 17.7.5 on February 10, 2025, with backports provided for older versions such as iOS 16.7.11 and iPadOS 16.7.11.
Similarly, CVE-2025-24201, which affected the WebKit engine, enabled attackers to break out of the Web Content sandbox through specially crafted web content. This vulnerability was exploited in several attacks, prompting company to release fixes in iOS 18.3.2, iPadOS 18.3.2, and macOS Sequoia 15.3.2 on March 11, 2025. Older devices received updates through versions like iOS 16.7.11 and corresponding macOS releases.
Apple Addresses Other Vulnerabilities and Fixes
In addition to the zero-day flaws, Apple addressed CVE-2025-24085, a privilege escalation issue within the Core Media framework. This vulnerability was patched in the January 2025 updates for iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, and tvOS 18.3, with backports available in iPadOS 17.7.6 and macOS Sonoma 14.7.5.
The updates also cover a range of other security flaws across various system components, including Safari, CoreAudio, Maps, Calendar, and more. These patches aim to enhance the overall security posture of company’s ecosystem, addressing risks that could lead to data breaches, system crashes, or unauthorized access.
Security Content of Latest Updates
The latest update, watchOS 11.4, released on April 1, 2025, targets vulnerabilities affecting the Apple Watch Series 6 and later. Key fixes include CVE-2025-24097, which addresses a permissions issue with AirDrop, and CVE-2025-24244, a flaw in font processing that could lead to memory disclosure.
Authentication services have also been fortified, with patches for issues like CVE-2025-30430, which could allow attackers to bypass password autofill restrictions, and CVE-2025-24180, which affected WebAuthn credentials across websites with similar suffixes. Other security enhancements cover audio-related vulnerabilities, such as CVE-2025-24243, which addressed a flaw in processing malicious font files capable of triggering arbitrary code execution.
Conclusion
The release of these security updates highlights the critical role of timely patching in addressing vulnerabilities, particularly zero-day threats like CVE-2025-24200 and CVE-2025-24201. By backporting fixes to older devices, company aims to provide broader protection, though the effectiveness of such measures relies heavily on user promptness in applying updates.
