Apple Addresses Seventh Actively Exploited Zero-Day Vulnerability

In a move to bolster the security of its devices, Apple has addressed a seventh actively exploited zero-day vulnerability, marking a significant milestone in the company's efforts to stay one step ahead of cyber threats.

The latest patch was released for iOS, iPadOS, and macOS, targeting a zero-day out-of-bounds write issue that resides in the ImageIO framework. This vulnerability allows attackers to cause memory corruption when processing malicious images, making it a serious threat to users.

According to Apple's advisory published on their website, "processing a malicious image file may result in memory corruption." The company warned that this issue has been exploited in an "extremely sophisticated attack" against specific targeted individuals.

"We are aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals," the advisory stated. Apple's efforts to address this vulnerability demonstrate its commitment to protecting users from such threats, highlighting the ongoing cat-and-mouse game between security researchers and malicious actors.

Fix Released: Improved Bounds Checking

The patch released by Apple includes improved bounds checking, which is designed to prevent attackers from exploiting the vulnerable ImageIO framework. By implementing this change, the company aims to reduce the risk of memory corruption and related attacks.

Total Zero-Days Patched in 2025

This latest update brings the total number of zero-days patched by Apple in 2025 to seven. The other zero-day vulnerabilities addressed this year include CVE-2025-24085, CVE-2025-24200, CVE-2025-24201, CVE-2025-31200, CVE-2025-31201, and CVE-2025-43200.

Apple's proactive approach to addressing zero-day vulnerabilities is a testament to its dedication to maintaining the security of its devices. As cybersecurity threats continue to evolve, it's essential for companies like Apple to stay vigilant and adapt their defenses accordingly.

Stay Informed

To stay up-to-date on the latest security patches and alerts from Apple, follow reputable sources such as @securityaffairs on Twitter, Facebook, and Mastodon. By staying informed, users can better protect themselves against emerging threats and ensure their devices remain secure.