Apple Urges Billions to Update iPhones and iPads Immediately to Prevent Cyber Attacks
A renowned tech firm Apple has recently released a massive caution to its billions of users around the globe.
Apple Urges Billions to Update iPhones and iPads Immediately to Prevent Cyber Attacks
Apple has also urged the millions of users across all over the world to promptly upgrade the firmware on their Apple iPhone and Apple iPad in light of the discovery of major security vulnerability. In the report by Daily Mail, Apple has launched a series of urgent Apple security update, namely iOS 18.3.1 as well as iPadOS 18.3.1 to fix the "extremely sophisticated" attacks targeted at specific individuals.
The Apple vulnerability that is being recognized as CVE-2025-24200 It is actually an issue with authorization which can permit a malicious user to disabling an authorization issue that could allow a malicious actor to disable Apple USB restricted mode on a locked device by physical attack.
USB Restricted Mode which was being introduced in iOS 11.4.1 is said to be as a security feature designed to block the unauthorized access of the data stored on devices that are locked via USB connections, as reported by Daily Mail. By removing this particular mode, hackers might be able to steal information from the device.
Apple has not yet released information the full details, however, it has said that the issue has been used to perpetrate attacks against individuals targeted the company told Daily Mail. This update has been advised to iPhone XS and later models in addition to several iPad models.
It was initially discovered through Bill Marczak of The Citizen Lab at the University of Toronto's Munk School. The update for emergency security fix a security flaw in accessibility functions while also preventing hackers with physical access to disable USB Restricted Mode, noted Daily Mail.
This is a common mode that requires access to a password in order to connect an iPhone or iPad to a computer through USB and also prevents unauthorised access to data. The update also enhances the state management in order to resolve the authorization issue, as well.
The vulnerability being described as cve-2025-24200 actually relates to an issue with authorization that may let a malicious party remove the graykey on a locked device through physical attack.
