Security News > 2025 > January > Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
2025-01-28 03:23
Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges. "Apple is
News URL
https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html
Related news
- Apple backports zero-day patches to older iPhones and Macs (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-27 | CVE-2025-24085 | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 7.8 |