On Monday, Apple rolled out the latest software updates for its iPhone, iPad, and Mac devices. The update introduced Apple Intelligence, which is now enabled by default on newer devices. Along with this feature, the update also included several security patches aimed at addressing vulnerabilities in the operating systems.
One of the key fixes in this update was for a zero-day bug that had been actively exploited. This vulnerability, which impacted devices running iOS versions older than iOS 17.2 (released in December 2023), was found in Core Media, the media engine that supports a range of Apple products. The flaw allowed attackers to exploit memory corruption, gaining elevated privileges and potentially accessing sensitive data on the affected devices.
Apple quickly issued a fix for this critical bug across its entire product line, including iPhones, iPads, Macs, Apple TVs, Apple Watches, and even the Vision Pro mixed-reality headset. The update ensures that devices are no longer vulnerable to the security exploit, protecting users from further potential breaches. Despite the severity of the flaw, Apple did not disclose details about the discovery or the specific individuals or entities who may have exploited it.
This security flaw marks the first zero-day vulnerability discovered in iOS in 2025. However, it is not the first time Apple has had to address actively exploited bugs. In 2024, at least seven such vulnerabilities were patched. As part of its ongoing commitment to security, Apple continues to monitor and address these threats to ensure the safety of its users.