The National Computer Emergency Response Team (NCERT) warned about a major security issue in Apple’s ImageIO framework, known as CVE-2025-43300. This zero-day flaw lets hackers rewrite memory as a device handles a bad image file. That could hand them total control of iPhones, iPads, and Macs.
NCERT says attackers are using this flaw in focused strikes right now. It poses big dangers to people and groups with Apple gear. When it hits, the problem wrecks memory, opens doors to unwanted entry, breaks system safety, and leaks private info.
Hackers can start the attack from afar. They often fool users into viewing a rigged image. The trick needs no extra access rights. Apple rolled out key fixes in security updates to block it and keep users safe.
The issue first showed up in iOS 17.4. It still hits many newer Apple system versions. NCERT tells users to jump to iOS and iPadOS 18.6.2 or higher at once. For Macs, go to macOS Sequoia 15.6.1, Ventura 13.7.8, or Sonoma 14.7.8.
If updates must wait, NCERT suggests skipping image files from strangers. Turn off auto-loading of images. Watch system logs for odd crashes or memory glitches.
No signs of attacks have come out yet. Still, NCERT pushes groups to watch for weird image actions or device wobbles with no cause. Turn on auto-updates. Use tools like mobile device management to push fixes. Boost checks on devices to spot tries at image-based hacks.
The team made it clear: quick updates matter a lot. Users should grab Apple’s newest patches fast. This stops full takeovers and guards personal and work data from active attack runs.
For more daily updates, please visit our News Section.