If you’ve been holding off on updating your iPhone, Mac and other Apple devices, you should do so right now as the company has released new security updates to patch its first zero-day vulnerability of the year.
As reported by BleepingComputer, this new zero-day (traced as CVE-2025-24085) is a privilege escalation flaw in Apple’s Core Media framework. In a support document, the company explains that “a malicious application may be able to elevate privileges” by exploiting this now patched vulnerability.
The flaw itself is a use after free issue that Apple addressed with improved memory management across its smartphones, computers and other devices with the release of iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, VisionOS 2.3 and tvOS 18.3.
Here’s everything you need to know about this new zero-day, which Apple devices are affected and how you can stay safe from hackers exploiting this vulnerability in their attacks.
Update these Apple devices right now
Since this zero-day affects both older and newer models, the list of impacted Apple devices is quite large.
When it comes to the best iPhones and the best iPads, every model from the iPhone XS on is vulnerable as are the iPad Pro 13-inch, iPad Pro 12.9-inch (3rd gen and later), iPad (7th gen and later) and the iPad mini (5th gen and later). On the Mac front, the best MacBooks and other Apple computers running macOS Sequoia are vulnerable.
In addition to Apple’s smartphones, tablets and computers, Apple Watch Series 6 and later as well as the Apple TV HD and Apple TV 4K (all models) are also affected.
Just like with previous zero-days, the company has not provided any details regarding any attacks that took place in order to give its customers time to update their devices. Surprisingly though, Apple has also not attributed this zero-day’s discovery to a particular security firm or research, which it usually does.
How to keep your iPhone, Mac and other Apple devices safe from hackers
When an iPhone zero-day or vulnerability is discovered, they’re tremendously valuable since they can be used to target high-profile individuals like government officials and CEOs in attacks before that particular flaw is made public.
While most of us likely don’t fall into either of these two categories, it’s still important that you update your iPhone, Mac and other Apple devices right away. The reason being is that once hackers go after these initial targets, they then like to prey on people who haven’t updated their devices.
Besides updating your iPhone, iPad, Mac and other Apple devices to the latest software, there are some other steps you can take to stay safe too. Although your Mac does come with built-in security software in the form of XProtect, you should also consider using one of the best Mac antivirus software solutions for added protection. Many of them also come with useful extras like a VPN to keep your web browsing private and your searches safe from prying eyes.
Although there isn’t an iPhone equivalent to the best Android antivirus apps due to Apple’s own restrictions around malware scanning, Mac antivirus software from Intego can scan your iPhone or iPad for malware when either device is connected to a Mac over USB.
We probably won’t find out more about how this new zero-day was used by hackers in their attacks but its discovery is a great reminder to keep your Apple and other devices updated with the latest software.
