Apple has released emergency security fixes to address a severe zero-day vulnerability (CVE-2025-24200), which has been extensively exploited in targeted attacks. The corporation says the attacks as “extremely sophisticated,” raising worries about potential security vulnerabilities to specific persons.
What is a zero-day vulnerability?
The vulnerability, discovered by Citizen Lab researcher Bill Marczak, is an authorization problem that affects USB Restricted Mode on iPhones and iPads. USB Restricted Mode, introduced in iOS 11.4.1 over seven years ago, is a critical security feature that prevents unauthorized access to a device’s data via USB connections after it has been locked for more than an hour.
However, Apple’s alert warns that attackers may have discovered a way to circumvent this security via physical attack. In other words, a clever opponent with physical access to the device might turn off USB Restricted Mode, thereby permitting unauthorized data retrieval.
10% discount COUPON
DOER
SentryPC
Tiny Land
Games/Toys·Baby Essentials·Furniture & Home Decor·Educational·Baby & Kids Home
How Apple is Addressing the Threat
Apple quickly responded, delivering updates for iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5. The update improves state management, preventing attackers from evading USB Restricted Mode. Apple has recommended all customers to promptly upgrade their devices in order to safeguard themselves against potential misuse.
Why This Matters
The discovery of this vulnerability highlights the increasing sophistication of digital attacks, particularly those aimed at high-profile persons. In recent years, both law enforcement and hackers have employed forensic tools such as GrayKey and Cellebrite to recover data from locked iOS devices. Apple has continually increased its security mechanisms to combat such assaults, most recently releasing the “inactivity reboot” function in November 2024. This function restarts iPhones after lengthy inactive periods, re-encrypting the data to make extraction more difficult.
Steps to Protect Yourself
To ensure your device is secure, follow these steps:
- Update Your Device Immediately: Go to Settings > General > Software Update and install iOS 18.3.1 (or iPadOS 18.3.1/17.7.5, depending on your device).
- Enable USB Restricted Mode: Ensure your device is set to require authentication for USB accessories by navigating to Settings > Face ID & Passcode (or Touch ID & Passcode) and toggling “USB Accessories” off.
- Reboot Your Device Regularly: This can help reinforce security measures, especially with the inactivity reboot feature in place.
- Be Cautious with Physical Access: Avoid leaving your device unattended in unsecured environments where an attacker could gain physical access.
Final Thoughts
Apple’s quick reaction to this zero-day problem demonstrates its dedication to user security. However, as attackers create increasingly complex ways, users must stay proactive by updating their devices and adhering to standard security practices.
Keep an eye on Apple’s official security advisories for the most recent upgrades and suggestions, and consider activating automatic updates to protect yourself from potential risks.
Apple iPad Mini 6 8.3″ 64GB 256GB All Colors WiFi or Cellular – Good
US $279.99
*This article contains affiliate links; if you click such a link and make a purchase, Doer Digitalz FZE may earn a commission
