Ethical Hacking News
Apple has released a series of security updates for iOS and macOS devices to address multiple vulnerabilities that could allow attackers to execute malicious code or steal sensitive data. The updates aim to bolster the security posture of users worldwide and are now available for download.
Apple has released iOS 18.5 and accompanying iPadOS update to address multiple vulnerabilities. The updates aim to bolster the security posture of users worldwide, particularly against malicious code execution and data theft. The patches fix several critical flaws in various components, including AppleJPEG, CoreMedia, and ImageIO. The updates are now available for devices running iOS 14 or later and other supported models. Users are advised to apply the patches as soon as possible to minimize the risk of exploitation by malicious actors.
Apple, a tech giant renowned for its cutting-edge operating systems, has recently released a series of security updates aimed at addressing multiple vulnerabilities that could potentially be exploited by attackers. These updates have been rolled out for both iOS and macOS devices, with the intention of bolstering the security posture of users worldwide.
The most notable update, iOS 18.5, was designed to patch critical flaws in various components, including AppleJPEG, CoreMedia, and ImageIO. The former vulnerability, dubbed CVE-2025-31251, could allow attackers to execute malicious code by opening a crafted image, video, or website. Similarly, the latter vulnerability, tracked as CoreMedia CVE-2025-31233, posed a risk of unexpected app termination or corrupt process memory.
The update also addressed processing issues with maliciously crafted web content, which could lead to memory corruption, as seen in vulnerabilities such as Webkit CVE-2025-31217 and Webkit CVE-2025-31215. Furthermore, the update patched severe file-parsing flaws in CoreAudio, CoreGraphics, and ImageIO that could result in unexpected app termination or data leaks.
In addition to these updates, Apple has also addressed a Baseband flaw, tracked as CVE-2025-31214, which could be exploited by an attacker to intercept traffic on iPhone 16e. Another critical vulnerability, mDNSResponder privilege escalation bug, tracked as CVE-2025-31222, was also fixed.
The iOS 18.5 update is now available for devices running iOS 14 or later, while the accompanying iPadOS update supports iPad Pro (2018 and later), iPad Air 3rd generation, iPad 7th generation, iPad mini 5, and subsequent models.
Similarly, Apple has released updates for macOS Sequoia, macOS Sonoma, and macOS Ventura, as well as watchOS, tvOS, and visionOS. These updates are aimed at addressing a range of vulnerabilities that could potentially be exploited by attackers.
In light of this latest security update, users are advised to apply the patches as soon as possible to minimize the risk of exploitation by malicious actors.
Apple has released a series of security updates for iOS and macOS devices to address multiple vulnerabilities that could allow attackers to execute malicious code or steal sensitive data. The updates aim to bolster the security posture of users worldwide and are now available for download.
Related Information:
https://www.ethicalhackingnews.com/articles/Apple-Releases-Security-Updates-to-Mitigate-Multiple-Vulnerabilities-in-iOS-and-macOS-ehn.shtml
https://securityaffairs.com/177748/security/apple-released-security-updates-to-fix-multiple-flaws-in-ios-and-macos.html
https://nvd.nist.gov/vuln/detail/CVE-2025-31251
https://www.cvedetails.com/cve/CVE-2025-31251/
https://nvd.nist.gov/vuln/detail/CVE-2025-31233
https://www.cvedetails.com/cve/CVE-2025-31233/
https://nvd.nist.gov/vuln/detail/CVE-2025-31217
https://www.cvedetails.com/cve/CVE-2025-31217/
https://nvd.nist.gov/vuln/detail/CVE-2025-31215
https://www.cvedetails.com/cve/CVE-2025-31215/
https://nvd.nist.gov/vuln/detail/CVE-2025-31214
https://www.cvedetails.com/cve/CVE-2025-31214/
https://nvd.nist.gov/vuln/detail/CVE-2025-31222
https://www.cvedetails.com/cve/CVE-2025-31222/
Published: Tue May 13 01:36:24 2025 by llama3.2 3B Q4_K_M
