Slashdot: Apple Fixes Zero-Day Exploited In ‘Extremely Sophisticated’ Attacks

Feb 10, 2025

—

Source URL: https://apple.slashdot.org/story/25/02/10/217213/apple-fixes-zero-day-exploited-in-extremely-sophisticated-attacks?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Apple Fixes Zero-Day Exploited In ‘Extremely Sophisticated’ Attacks

Feedly Summary:

AI Summary and Description: Yes

Summary: Apple has issued urgent security updates for iOS 18.3.1 and iPadOS 18.3.1 to fix a critical zero-day vulnerability exploited in sophisticated targeted attacks. The flaw compromised the USB Restricted Mode, critical for data protection on locked devices, and recommended immediate user updates to mitigate potential security risks.

Detailed Description:

Apple’s recent security updates underscore the importance of timely responses to vulnerabilities in mobile operating systems that can significantly impact user data protection. Here’s a comprehensive breakdown of the critical aspects outlined in the text:

– **Zero-Day Vulnerability**:
– The vulnerability has been categorized as CVE-2025-24200 and is noted for being utilized in highly targeted attacks.
– It represents an authorization issue that could allow attackers to bypass critical security features.

– **USB Restricted Mode**:
– This security feature was designed to prevent unauthorized data connections from USB accessories when the device has been locked for over an hour.
– It aims to protect against forensic tools like Graykey and Cellebrite, which can extract sensitive data from locked devices.

– **Emergency Response**:
– Apple’s update for iOS 18.3.1 and iPadOS 18.3.1 addresses this vulnerability with improved state management, thus reinforcing device security.

– **Impact**:
– Specific devices affected include iPhone XS and newer models, as well as several iPad models from the Pro series and Air series, indicating a significant portion of Apple’s user base needs to update.

– **Recent Features**:
– Apple introduced a new security feature, “inactivity reboot,” which helps to re-encrypt data on idle iPhones, further enhancing data security against forensic extraction.

This situation highlights the critical need for continuous monitoring and updating of software to mitigate vulnerabilities, especially in environments handling sensitive data. For security professionals, the identified vulnerabilities can serve as reminders about the necessity of vigilance and rapid response in the face of emerging threats. Additionally, the incident exemplifies the significance of proactive measures like Zero Trust principles in bolstering device security against targeted attacks.

1 2 24 3 4 5 7 a access Act AI and API Apple as attack attackers attacks authorization authorization issue by bypass C cell Cellebrite CIA continuous monitoring core critical CVE D data data connection Data Protection data security day day exploit day vulnerability de design device security DoS DoT e emergency response emerging threats end environment event exp exploit extraction face feature features for forensic tool forensic tools g Gen Go GrayKey high Highlight HR http HTTPS in inactivity reboot incident iOS iOS 18 iPad iPhone iPhones ite k Key l law led Link low management media Mobile mobile operating systems model models Monitor monitoring no non o of on one operating system operating systems ory out over phi potential pre principles proactive proactive measures professionals R rapid response Ray RCE response Restricted Mode Risk risks Ro RoT Rust s sec security security features security professionals security risk security risks security update security updates sensitive data series A Sig software source SSE state state management system systems T targeted targeted attacks text the threat threats Time to tool tools Tor TP trust trust principles up update updates US use user user data user data protection uth V vigilance vulnerabilities vulnerability Well Wi x zero Zero Trust zero-day zero-day exploit zero-day vulnerability