Apple has rolled out a series of software updates to patch several critical vulnerabilities, including a zero-day flaw that had been actively exploited in the wild. The Apple security updates fix various security issues, notably a use-after-free bug affecting the Core Media component of Apple’s operating systems, which could allow malicious applications to elevate privileges.
Tracked as CVE-2025-24085, this zero-day vulnerability had the potential to be exploited by attackers to gain unauthorized access to a device’s system-level privileges. Apple acknowledged that the flaw had been actively exploited on versions of iOS prior to iOS 17.2, underlining the urgency of the security update. As part of its security efforts, Apple has addressed the flaw by improving memory management and making other vital fixes.
A Comprehensive Apple Security Update
Apple’s security update covers various components, including iOS, iPadOS, macOS, watchOS, and tvOS, with critical patches released for multiple devices. Here is a breakdown of the update timeline and the affected platforms:
- visionOS 2.3 (for Apple Vision Pro) – Released on January 27, 2025
- iOS 18.3 and iPadOS 18.3 (for compatible iPhones and iPads) – Released on January 27, 2025
- macOS Sequoia 15.3 (for Apple computers) – Released on January 27, 2025
- macOS Sonoma 14.7.3 (for Apple computers) – Released on January 27, 2025
- macOS Ventura 13.7.3 (for older Apple computers) – Released on January 27, 2025
- watchOS 11.3 (for Apple Watches) – Released on January 27, 2025
- tvOS 18.3 (for Apple TV) – Released on January 27, 2025
- Safari 18.3 (for web browsers on macOS) – Released on January 27, 2025
This broad rollout addresses vulnerabilities in various system components, ensuring that a wide range of Apple devices remains secure.
Zero-Day Vulnerability and Memory Management Fixes
One of the most concerning vulnerabilities fixed in this Apple security update is CVE-2025-24085, a use-after-free bug in Core Media. The vulnerability was discovered in earlier versions of iOS and could have been exploited by attackers to elevate privileges on the device. In simpler terms, this flaw allowed a malicious app to bypass security restrictions and execute unauthorized actions with root-level privileges.
Apple’s proactive measures included improved memory management within the affected systems, specifically targeting iPhones, iPads, and Macs running earlier iOS and macOS versions. The company’s security patch effectively neutralized the threat, eliminating the risk of unauthorized access that could compromise user data.
Key Vulnerabilities Fixed
Beyond the zero-day vulnerabilities, this security update addresses several other flaws across Apple’s ecosystem. Here are some of the key areas impacted by the latest fixes:
AirPlay Vulnerabilities
AirPlay, Apple’s wireless streaming protocol, was found to have multiple vulnerabilities, which could have led to issues such as memory corruption, system crashes, and denial-of-service (DoS) attacks. These vulnerabilities, including CVE-2025-24126, CVE-2025-24129, and CVE-2025-24137, were particularly concerning as they could have allowed attackers to disrupt streaming sessions or cause unexpected crashes. Apple has fixed these vulnerabilities by improving input validation and memory management protocols within the AirPlay system.
ARKit and CoreMedia Vulnerabilities
ARKit, which powers augmented reality (AR) experiences, also had vulnerabilities related to file parsing, as seen in CVE-2025-24127. Apple resolved this issue by enhancing validation and error handling during ARKit’s interaction with files, preventing unexpected app terminations.
Similarly, CoreMedia faced a serious flaw in the form of CVE-2025-24085, a zero-day vulnerability that enabled privilege escalation. This was a critical issue that could have been used by malicious actors to elevate their privileges within the system, essentially bypassing normal security restrictions. Apple’s fix ensures better memory handling, preventing unauthorized access to system-level privileges.
ImageIO and WebKit Fixes
Apple also addressed security issues in ImageIO, which processes image files, and WebKit, the rendering engine for web content. In ImageIO, a denial-of-service vulnerability, identified as CVE-2025-24086, was fixed. This vulnerability could have led to app crashes when processing maliciously crafted image files.
WebKit, meanwhile, received a series of fixes for vulnerabilities such as CVE-2025-24143 and CVE-2025-24150. These issues had the potential to allow malicious actors to track users through fingerprinting or inject commands into the system. Apple’s fix ensures a more secure browsing experience, with better memory management and file handling within WebKit.
Kernel and System-Level Fixes
The kernel, a core part of any operating system, was also a target for several vulnerabilities. CVE-2025-24159, a vulnerability in the kernel, was patched to prevent unauthorized execution of arbitrary code with kernel privileges. This critical issue could have led to severe system-level exploits. Apple’s fix fortifies kernel security, ensuring that only authorized applications can execute high-level system functions.
Similarly, vulnerabilities in LaunchServices and AppleMobileFileIntegrity were addressed to prevent unauthorized apps from accessing sensitive user data or bypassing privacy restrictions.
Other Notable Fixes in Apple’s Latest Security Update
Several other components of Apple’s ecosystem also received patches as part of this security update. Notably, vulnerabilities in Safari 18.3 were fixed, particularly a vulnerability that could have allowed attackers to spoof the address bar, misleading users into believing they were on a trusted website when they were not. This fix improves web browser security and ensures that users can trust the URLs displayed in their browser.
Additionally, watchOS 11.3 and tvOS 18.3 received patches for AirPlay and CoreMedia vulnerabilities, preventing potential attacks on Apple Watches and Apple TVs.
Conclusion
By addressing critical vulnerabilities, including CVE-2025-24085, and fixing issues in key components like AirPlay, ARKit, and WebKit, Apple strengthens the security of its ecosystem. Users are urged to install these updates promptly to protect their devices from potential exploits.
With ongoing collaboration with security researchers, Apple continues to protect its users from cyber threats. This update is a crucial step in maintaining the integrity of Apple’s operating systems and reinforces the company’s dedication to security.
