Apple Releases Emergency Updates Security Flaw in Image I/O Framework Puts Users at Risk

Apple has released emergency updates to patch a new zero-day vulnerability that was exploited in an “extremely sophisticated attack.” The security flaw, tracked as CVE-2025-43300, is caused by an out-of-bounds write weakness in the Image I/O framework, which enables applications to read and write most image file formats.

According to Apple, an out-of-bounds write occurs when attackers successfully exploit such vulnerabilities by supplying input to a program, causing it to write data outside the allocated memory buffer. This can lead to the program crashing, corrupting data, or, in the worst-case scenario, allowing remote code execution. The vulnerability is considered a high-risk threat, as it can potentially allow attackers to execute arbitrary code on vulnerable devices.

Apple revealed that it is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. The company has addressed this issue with improved bounds checking to prevent exploitation in iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8. The updates are designed to prevent attackers from exploiting the vulnerability, and users are strongly advised to install them as soon as possible.

The company has yet to attribute the discovery to one of its researchers and has not yet published details regarding the attacks it described as “extremely sophisticated.” While this flaw is likely only exploited in highly targeted attacks, it is strongly advised to install today’s security updates promptly to prevent any potential ongoing attacks. Apple has a history of releasing emergency updates to patch zero-day vulnerabilities, and this latest update is no exception.

This vulnerability marks the sixth zero-day exploited in the wild since the start of the year, following previous vulnerabilities in January (CVE-2025-24085), February (CVE-2025-24200), March (CVE-2025-24201), and April (CVE-2025-31200 and CVE-2025-31201). In 2024, Apple has patched six other actively exploited zero-days: one in January, two in March, a fourth in May, and two others in November.

The vulnerability is a reminder of the ongoing threat posed by zero-day exploits, which can be used to compromise devices and steal sensitive information. Apple’s prompt release of the updates highlights the company’s commitment to protecting its users from these threats.

What Users Can Do

To protect themselves from this vulnerability, users should:

Install the latest security updates for their Apple devices as soon as possible

Avoid opening suspicious image files or clicking on links from unknown sources

Use strong passwords and enable two-factor authentication to prevent unauthorized access to their devices

Regularly back up their data to prevent losses in the event of a security breach

By taking these steps, users can reduce their risk of being affected by this vulnerability and protect themselves from other potential security threats.