Apple Issues Urgent Security Updates to Fix Zero-Days Used in Targeted Attacks

Apple has just pushed out critical security updates across its product lines to tackle two significant zero-day vulnerabilities. These aren’t just potential threats; the company confirmed they have been actively exploited in what it describes as a “highly sophisticated attack” specifically targeting certain iPhone users.

The vulnerabilities impact the entire Apple ecosystem, including iOS, macOS, tvOS, iPadOS, and visionOS. In its security bulletin, Apple stated, “Apple is aware of a report that this issue may have been exploited in a highly sophisticated attack against specific targeted individuals on iOS.”

Understanding the Zero-Day Flaws

Let’s break down the two vulnerabilities addressed:

CVE-2025-31200: CoreAudio Flaw (CVSS Score: 7.5)

Discovered jointly by Apple and Google’s Threat Analysis Group (TAG), this vulnerability resides within the CoreAudio component. It could allow an attacker to achieve remote code execution on a target device simply by tricking the user into processing a specially crafted media file containing a malicious audio stream.

CVE-2025-31201: RPAC Bypass (CVSS Score: 6.8)

Identified directly by Apple, this flaw is located in the RPAC component. It potentially allows an attacker who already has read/write access to bypass a crucial security feature known as Pointer Authentication (PAC). PAC is a hardware-level defense mechanism designed to protect iOS and related systems against memory corruption vulnerabilities.

Apple is currently withholding further technical details about how these vulnerabilities were chained or used in the attacks. This common practice gives users a window to apply the patches before more attackers can develop ways to exploit the flaws widely.

Which Devices and OS Versions Are Affected?

The crucial fixes are included in the following software versions:

• iOS 18.4.1
• iPadOS 18.4.1
• tvOS 18.4.1
• macOS Sequoia 15.4.1
• visionOS 2.4.1

The list of affected devices is quite extensive, covering both recent and slightly older models:

• iPhone: XS and later models
• iPad: Pro 13-inch, Pro 12.9-inch (3rd gen+), Pro 11-inch (1st gen+), Air (3rd gen+), standard iPad (7th gen+), mini (5th gen+)
• Mac: Devices running macOS Sequoia
• Apple TV: HD and all Apple TV 4K models
• Apple Vision Pro

Update Now: Why It’s Crucial

Even though Apple indicates these zero-day attacks were highly targeted, the strong recommendation is for all users to install these security updates as soon as possible. These vulnerabilities have been proven exploitable in real-world scenarios.

With these latest patches, Apple has now addressed five zero-day vulnerabilities since the beginning of 2025 (one in January – CVE-2025-24085, one in February – CVE-2025-24200, one in March – CVE-2025-24201, and these two new ones).

The increasing number of critical vulnerabilities being discovered, even within Apple’s traditionally well-regarded secure ecosystem, underscores the absolute importance of keeping your devices updated promptly. Don’t delay – check for updates on your Apple devices today.