Apple urges iPhone users to update to fix real-life attack vulnerabilities
- Apple has addressed critical vulnerabilities in older iOS versions with recent updates.
- Exploited flaws included significant security issues that enabled physical attackers to disable protections.
- Updating all devices is essential to safeguard against these vulnerabilities and maintain security.
In early April 2025, Apple Inc., the multinational technology company headquartered in Cupertino, California, released a significant security update for older iPhones and iPads. This update aims to address exploited vulnerabilities that were actively being used in real-life attacks, requiring users to upgrade their devices for enhanced security. The patched vulnerabilities included issues that allowed attackers with physical access to disable security features, compromising user data. This round of updates follows previous patches released for newer devices running iOS 18, which had addressed the same vulnerabilities weeks earlier. The fact that these issues were fixed first for the latest iOS versions highlights the importance Apple places on providing updated security measures to its most recent products. However, it has also raised concerns about the company's slower delivery of updates for older versions of its operating systems. The specific vulnerabilities fixed in the recent updates include a critical flaw in USB Restricted Mode and a dangerous bug in the WebKit engine used by Safari. The USB flaw (CVE-2025-24200) could enable attackers to bypass security when a device is locked, potentially leading to data breaches. Meanwhile, the WebKit vulnerability (CVE-2025-24201) could allow malicious web content to escape its sandbox, posing additional risks to users. Reports indicated that these issues were exploited in sophisticated attacks against targeted individuals before the updates were made available. In light of these developments, Apple is emphasizing the urgency of updating devices to protect against ongoing threats. Users of older iPhones should upgrade to the latest compatible iOS version to ensure their devices are secure against these exploits and any future breaches that may arise. This scenario serves as a reminder of the continuing need for vigilance in software maintenance and the importance of timely updates to safeguard users against evolving cyber threats.