Latest news with #CVE-2025-24201
Yahoo
16-03-2025
- Yahoo
Apple releases emergency security update for serious vulnerability
If you own an iPhone or iPad, it's time to stop what you're doing and update your device. A newly discovered security flaw, CVE-2025-24201, could leave your personal information vulnerable to hackers. The good news? Apple has released iOS 18.3.2 and iPadOS 18.3.2 to fix the issue. Let me explain what all this means for you and how you can stay protected. STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS – SIGN UP FOR KURT'S THE CYBERGUY REPORT NOW This vulnerability resides in WebKit, the open-source browser engine that powers Safari, Mail, App Store and other apps on Apple devices. The flaw is an out-of-bounds write issue, which allows attackers to use maliciously crafted web content to bypass the Web Content sandbox, a key security layer that isolates web content from accessing sensitive system resources. Apple has acknowledged that this vulnerability may have been exploited in highly advanced attacks targeting specific individuals using older versions of iOS before 17.2. These attacks are believed to involve well-funded threat actors, such as state-sponsored hackers or advanced cybercriminal groups. Zero-day vulnerabilities like CVE-2025-24201 are particularly dangerous because they are exploited before developers can patch them. In this case, the attacks were highly targeted, meaning most users are unlikely to have been affected directly. However, these incidents underscore the importance of regularly updating your devices to stay protected against evolving threats. Read On The Fox News App HOW TO PROTECT YOUR IPHONE & IPAD FROM MALWARE The vulnerability impacts a wide range of Apple devices, including: iPhone XS and later iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and late-r, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later and iPad mini 5th generation and later. If you own any of these devices, it's crucial to update your software immediately. Apple released emergency patches on March 11, 2025, as part of iOS 18.3.2 and iPadOS 18.3.2 updates. These updates introduce improved checks to prevent unauthorized actions caused by the vulnerability. This patch is a supplementary fix for an earlier attack mitigated in iOS 17.2. What Is Artificial Intelligence (Ai)? Your Iphone Has A Hidden Folder Eating Up Storage Space Without You Even Knowing Go to Settings Tap General Click Software Update Download and install the latest update Your iPhone will restart once the update is complete Go to the Settings app on your iPad Tap General Then click Software Update Tap Download and Install to begin the update process Enter your passcode if prompted and agree to the terms and conditions The update will download and install Your iPad will restart once the update is complete 1. Enable two-factor authentication: Turn on two-factor authentication for your Apple ID to add an extra layer of security to your account. 2. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Use a strong passcode: Set up a strong alphanumeric passcode instead of a simple four-digit PIN. Avoid using easily guessable information like birth dates. 4. Enable face ID or touch ID: Utilize biometric authentication to prevent unauthorized access to your device. 5. Manage app permissions: Regularly review and adjust app permissions to ensure they only access necessary data. 6. Secure lock screen notifications: Disable or limit sensitive information displayed in lock screen notifications. 7. Use Apple's App Privacy Report: Apple's App Privacy Report is a powerful tool that allows iPhone users to monitor how apps access their data and interact with third-party services. This feature provides valuable insights into app behavior, helping you make informed decisions about your privacy. 8. Download apps from official sources: Only install apps from the Apple App Store to avoid potential malware. 9. Keep your Apple ID secure: Never share your Apple ID or password with others, even family members. 10. Enable Find My iPhone: Ensure Find My iPhone is activated to help locate your device if it's lost or stolen. 11. Invest in a password manager: To go beyond iCloud's keychain for increased security, you'll want to invest in a password manager. These are created specifically for the protection of passwords and include features for important documents and photos. This is also beneficial when sharing private data with family members. Get more details about my best expert-reviewed password managers of 2025 here. While it might be tempting to put off updates, you don't want to delay this one. CVE-2025-24201 is a serious threat that's already been used in the wild. Sure, you might not be a high-profile target, but why take chances with your personal data? Updating your device is like giving it a digital suit of armor, and it only takes a few minutes. So, hit that update button and give yourself some peace of mind. Do you think Apple is doing enough to stay ahead of evolving cyber threats, or are there additional steps the company should take to protect its users? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover. Follow Kurt on his social channels: Facebook YouTube Instagram Answers to the most-asked CyberGuy questions: What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked? What is the best way to stay private, secure and anonymous while browsing the web? How can I get rid of robocalls with apps and data removal services? How do I remove my private data from the internet? New from Kurt: Try CyberGuy's new games (crosswords, word searches, trivia and more!) CyberGuy's exclusive coupons and deals Alert: Malware Steals Bank Cards And Passwords From Millions Of Devices Copyright 2025 All rights article source: Apple releases emergency security update for serious vulnerability
Express Tribune
15-03-2025
- Express Tribune
Apple issues urgent security update to fix serious iPhone and iPad flaw
Listen to article Apple has released an emergency security update for iPhones and iPads to address a newly discovered zero-day vulnerability, CVE-2025-24201, which could allow attackers to bypass security protections and access sensitive data. The flaw, located in WebKit—the browser engine that powers Safari, Mail, and the App Store—exploits an out-of-bounds write issue, enabling malicious web content to evade Apple's Web Content sandbox security feature. Apple confirmed that the vulnerability has already been exploited in targeted attacks, primarily against users running older iOS versions before 17.2. Experts warn that such attacks often involve state-sponsored hackers or sophisticated cybercriminal groups. Who Is affected? The security flaw impacts a wide range of Apple devices, including: iPhones: iPhone XS and later models iPads: iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad Mini (5th generation and later) Apple has urged all affected users to update their devices immediately to protect against potential cyber threats. To mitigate the risk, Apple rolled out iOS 18.3.2 and iPadOS 18.3.2 on March 11, 2025, introducing improved security checks to prevent unauthorized access. The update serves as a supplemental patch to a previous fix implemented in iOS 17.2. How to update your device Users can install the update by following these steps: 1. Open Settings 2. Tap General 3. Select Software Update 4. Download and install the latest version The device will restart once the update is complete. Additional security measures Experts recommend taking extra precautions to safeguard Apple devices against potential cyber threats, including: Enabling two-factor authentication (2FA) for Apple ID Using a strong alphanumeric passcode instead of a simple four-digit PIN Activating Face ID or Touch ID for enhanced security Reviewing app permissions regularly Avoiding unofficial app sources and downloading only from the Apple App Store Using Apple's App Privacy Report to monitor app behavior Keeping Find My iPhone enabled in case of theft or loss Using a password manager for better credential security Zero-day vulnerabilities like CVE-2025-24201 pose a significant risk as they are exploited before developers release fixes. While Apple has not disclosed the full extent of the attacks, cybersecurity experts emphasize the importance of staying updated to prevent potential breaches. Apple has urged users to install the latest update immediately to ensure their devices remain protected.
Fox News
14-03-2025
- Fox News
Apple releases emergency security update for serious vulnerability
If you own an iPhone or iPad, it's time to stop what you're doing and update your device. A newly discovered security flaw, CVE-2025-24201, could leave your personal information vulnerable to hackers. The good news? Apple has released iOS 18.3.2 and iPadOS 18.3.2 to fix the issue. Let me explain what all this means for you and how you can stay protected. This vulnerability resides in WebKit, the open-source browser engine that powers Safari, Mail, App Store and other apps on Apple devices. The flaw is an out-of-bounds write issue, which allows attackers to use maliciously crafted web content to bypass the Web Content sandbox, a key security layer that isolates web content from accessing sensitive system resources. Apple has acknowledged that this vulnerability may have been exploited in highly advanced attacks targeting specific individuals using older versions of iOS before 17.2. These attacks are believed to involve well-funded threat actors, such as state-sponsored hackers or advanced cybercriminal groups. Zero-day vulnerabilities like CVE-2025-24201 are particularly dangerous because they are exploited before developers can patch them. In this case, the attacks were highly targeted, meaning most users are unlikely to have been affected directly. However, these incidents underscore the importance of regularly updating your devices to stay protected against evolving threats. The vulnerability impacts a wide range of Apple devices, including: If you own any of these devices, it's crucial to update your software immediately. Apple released emergency patches on March 11, 2025, as part of iOS 18.3.2 and iPadOS 18.3.2 updates. These updates introduce improved checks to prevent unauthorized actions caused by the vulnerability. This patch is a supplementary fix for an earlier attack mitigated in iOS 17.2. 1. Enable two-factor authentication: Turn on two-factor authentication for your Apple ID to add an extra layer of security to your account. 2. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Use a strong passcode: Set up a strong alphanumeric passcode instead of a simple four-digit PIN. Avoid using easily guessable information like birth dates. 4. Enable face ID or touch ID: Utilize biometric authentication to prevent unauthorized access to your device. 5. Manage app permissions: Regularly review and adjust app permissions to ensure they only access necessary data. 6. Secure lock screen notifications: Disable or limit sensitive information displayed in lock screen notifications. 7. Use Apple's App Privacy Report: Apple's App Privacy Report is a powerful tool that allows iPhone users to monitor how apps access their data and interact with third-party services. This feature provides valuable insights into app behavior, helping you make informed decisions about your privacy. 8. Download apps from official sources: Only install apps from the Apple App Store to avoid potential malware. 9. Keep your Apple ID secure: Never share your Apple ID or password with others, even family members. 10. Enable Find My iPhone: Ensure Find My iPhone is activated to help locate your device if it's lost or stolen. 11. Invest in a password manager: To go beyond iCloud's keychain for increased security, you'll want to invest in a password manager. These are created specifically for the protection of passwords and include features for important documents and photos. This is also beneficial when sharing private data with family members. Get more details about my best expert-reviewed password managers of 2025 here. While it might be tempting to put off updates, you don't want to delay this one. CVE-2025-24201 is a serious threat that's already been used in the wild. Sure, you might not be a high-profile target, but why take chances with your personal data? Updating your device is like giving it a digital suit of armor, and it only takes a few minutes. So, hit that update button and give yourself some peace of mind. Do you think Apple is doing enough to stay ahead of evolving cyber threats, or are there additional steps the company should take to protect its users? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels: Answers to the most-asked CyberGuy questions: New from Kurt: Alert: Copyright 2025 All rights reserved.
