Apple has pushed out a rare emergency software update for iPhones and iPads. The company says the patch fixes a security hole that hackers already used in the wild. Apple described the attack as “extremely sophisticated” and said it was aimed at specific people, not the general public.
The flaw is tracked as CVE-2025-43300. It lives in Apple’s Image I/O framework, the part of the system that handles pictures in different formats. A rigged image file could corrupt memory and let attackers run their own code on the device. In simple terms: someone could send you a photo that secretly takes over your phone.
Apple’s advisory didn’t say who the attackers were or who got hit. The language suggests it could be spyware, the type governments or private groups use to target journalists, lawyers, or officials.
Devices covered
The fix comes as iOS 18.6.2. It works on iPhone XS and newer. On tablets, the iPad Pro, iPad Air, and iPad mini are included. Apple also pushed out updates to macOS Sequoia, Sonoma, and Ventura to close the same hole on laptops and desktops.
Why it matters
Image flaws like this are nothing new, but the fact Apple marked it as actively exploited makes it serious. Attacks could be delivered over email or messaging apps. Victims may not even realize a picture file triggered it. That’s why Apple rushed out the patch outside its normal schedule.
What to do
Check your iPhone or iPad under Settings > General > Software Update. If automatic updates are on, the fix may already be installed, but Apple recommends checking by hand. The download only takes a few minutes.
Apple doesn’t often call out attacks as “extremely sophisticated.” When it does, it usually means a nation-state or a well-funded group is behind it. For regular users, the risk is lower, but installing the update is the only safe move.
This is one of those “do it now” updates. If you’re on an eligible iPhone or iPad, grab iOS 18.6.2 right away.