Apple fixes CVE-2025-43300, a flaw letting hackers hijack devices via malicious images. Users urged to update iPhone, iPad, and Mac now.
Several cybersecurity researchers recently warned that a critical vulnerability (CVE‑2025‑43300) in Apple’s image‑processing framework was being abused by attackers. Apple has now released updates across iPhone, iPad and Mac devices to address the issue.
Security researcher Pablo Sabbatella noted that the flaw involved image file handling in Apple’s systems. Another alert came from a separate security advisor, highlighting the threat posed by the zero‑day. The issue has since received urgent attention.
Security researcher Vladimir S. (known on X as Officer’s Notes) warned that CVE‑2025‑43300 was under active exploitation, noting that simply opening a maliciously crafted image was enough for an attacker to remotely take control of a device.
Apple confirmed that the vulnerability, a memory‑corruption flaw caused by an out‑of‑bounds write in the Image I/O framework, had been found internally and fixed using improved bounds checking.
The company released security updates on August 20, 2025. Affected platforms and their fixed versions include:
- iPadOS 17.7.10
- macOS Sequoia 15.6.1
- macOS Ventura 13.7.8
- macOS Sonoma 14.7.8
- iOS 18.6.2 and iPadOS 18.6.2
Affected devices include iPhone XS and newer models, various iPad and iPad Pro generations, and Mac systems running the listed macOS versions.
This flaw has now been added to the US CISA’s (Cybersecurity and Infrastructure Security Agency) Known Exploited Vulnerabilities Catalog, with organizations advised to apply fixes by September 11, 2025.
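For teams tracking this across a fleet, the fixed-version list and the CISA date above can be turned into a simple triage check. This is an added example, not code from Apple or the original article; the hostnames and the inventory format are constructed assumptions. Versions are compared numerically because a plain string comparison would rank 17.7.9 above 17.7.10.

```python
from datetime import date

# Fixed builds as listed on this page, keyed by (platform, major version).
FIXED = {
    ("iOS", 18): (18, 6, 2),
    ("iPadOS", 18): (18, 6, 2),
    ("iPadOS", 17): (17, 7, 10),
    ("macOS", 15): (15, 6, 1),
    ("macOS", 14): (14, 7, 8),
    ("macOS", 13): (13, 7, 8),
}
KEV_DUE = date(2025, 9, 11)  # CISA remediation date given on this page

def parse_version(text):
    """Turn '18.6' or '18.6.2' into a 3-tuple so comparisons are numeric."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected version string: {text!r}")
    return tuple(parts + [0] * (3 - len(parts)))

def assess(platform, version, today):
    """Return 'patched', 'vulnerable', 'overdue', or 'no-listed-fix'
    (branch absent from the page's list: manual review, not a pass)."""
    installed = parse_version(version)
    fixed = FIXED.get((platform, installed[0]))
    if fixed is None:
        return "no-listed-fix"
    if installed >= fixed:
        return "patched"
    return "overdue" if today > KEV_DUE else "vulnerable"

def triage(inventory, today):
    """Map each status to the hostnames that fall under it."""
    report = {}
    for host, platform, version in inventory:
        report.setdefault(assess(platform, version, today), []).append(host)
    return report

# Constructed sample inventory (hostnames are made up for illustration).
SAMPLE = [
    ("mac-dev-01", "macOS", "15.6.1"),
    ("mac-fin-02", "macOS", "14.7.7"),
    ("ipad-kiosk-03", "iPadOS", "17.7.10"),
    ("iphone-exec-04", "iOS", "18.6"),
    ("mac-lab-05", "macOS", "12.7.6"),
]
if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE, date.today()).items()):
        print(f"{status:14} {', '.join(hosts)}")
```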
This is already the seventh zero-day Apple has had to fix this year, following five similar urgently patched flaws, plus a more recent one in the Safari browser. Therefore, if you are an Apple user, follow these steps to secure your devices:
- Update your device right away via Settings → General → Software Update on iOS/iPadOS, or System Settings → Software Update on macOS.