02 September 2025

Apple Patches Zero-Day Flaw that Targeted Users

Someday security will be a thing, but it is not today. From Bleeping Computer: Apple fixes new zero-day flaw exploited in targeted attacks

Apple has released emergency updates to patch another zero-day vulnerability that was exploited in an "extremely sophisticated attack."

The exploit, an out of bounds write, which apparently could lead to remote code execution was fixed by "improved bounds checking." It is Apple, so they say very little, or nothing at all

They have patches to apply, but they haven't said you need to do a full reset and reload of updates.

This impacts iPhones, iPads, and Macs. Click thru for the list of exactly what is impacted.

While this flaw is likely only exploited in highly targeted attacks, it is strongly advised to install today's security updates promptly to prevent any potential ongoing attacks.

With this vulnerability, Apple has fixed a total of six zero-days exploited in the wild since the start of the year.

Not the only issue. Also from Bleeping Computer: WhatsApp patches vulnerability exploited in zero-day attacks

This was apparently linked to the previous exploit in some way.

When Apple released emergency updates to patch the CVE-2025-43300 zero-day flaw earlier this month, it also stated that the flaw had been exploited in an "extremely sophisticated attack."

While the two companies are yet to publish further information regarding the attacks, Donncha Ó Cearbhaill (the head of the Security Lab at Amnesty International) said that WhatsApp just warned some users that they've been targeted in an advanced spyware campaign over the last 90 days.

In this case, WhatsApp is recommending you do a system reset to make sure that the exploit doesn't survive a security update and reboot. The good news, if there is any, is that WhatsApp was able to identify who was targeted and give them specific warnings and instructions for mitigation.

In the threat notifications sent to potentially impacted individuals, WhatsApp advises them to perform a device factory reset and to keep their devices' operating system and software up to date.

In the words of Sgt. Phil Esterhaus, from the Polish Hill Station: "Let's be careful out there." The internet is a dangerous place.

at
Labels: , ,

No comments:

Post a Comment

Comment Moderation is in place. Your comment will be visible as soon as I can get to it. Unless it is SPAM, and then it will never see the light of day.

Be Nice. Personal Attacks WILL be deleted. And I reserve the right to delete stuff that annoys me.

Subscribe to: Post Comments (Atom)