Apple Releases Urgent Security Updates to Fix Multiple Flaws in iOS and macOS
Apple has released a series of security updates to address multiple critical flaws in its iOS and macOS operating systems, leaving users vulnerable to exploitation by attackers. The company's latest updates aim to patch easily exploitable vulnerabilities that could allow malicious code to be executed simply by opening a crafted image, video, or website.
Fixing Critical Flaws in AppleJPEG and Other Components
The iOS 18.5 update addresses multiple critical flaws in AppleJPEG, CoreMedia, and other components that can let attackers run code or leak data via malicious media files. One of the most concerning issues is CVE-2025-31217, which can be triggered by processing maliciously crafted web content, leading to an unexpected Safari crash.
Patching Severe File-Parsing Flaws
Apple has also patched severe file-parsing flaws in CoreAudio, CoreGraphics, and ImageIO that could lead to unexpected app termination or corrupt process memory, or leak data when opening malicious content. These bugs can trigger a denial-of-service condition or cause memory corruption, leaving devices vulnerable to attack.
Addressing Other Security Gaps
In addition to the above-mentioned flaws, Apple has also addressed other security gaps in FrontBoard, iCloud Document Sharing, and Mail Addressing. The company has also fixed a mDNSResponder privilege escalation bug, tracked as CVE-2025-31222, which can be exploited by an attacker to intercept traffic on iPhone 16e.
iOS Update Details
The iOS 18.5 update is now available for iPhone XS and newer models, while the accompanying iPadOS update supports iPad Pro (2018 and later), iPad Air 3rd generation, iPad 7th generation, iPad mini 5, and subsequent devices.
macOS Update Details
Apple has also released updates for macOS Sequoia, macOS Sonoma, macOS Ventura, as well as for watchOS, tvOS, and visionOS. These updates aim to address various security vulnerabilities and provide a layer of protection against malicious attacks.
Stay Safe Online with the Latest Security Updates
As always, it's essential to keep your devices up-to-date with the latest security patches. By doing so, you can significantly reduce the risk of falling victim to these newly discovered vulnerabilities. Stay informed and stay safe online!
Follow me on Twitter: @securityaffairs and Facebook and Mastodon for the latest security news and updates.