If you’ve been putting off updating your iPhone and iPad to iOS 18.3.1, Apple just gave you a good reason to do so ASAP, as it just patched a new zero-day vulnerability.
As reported by BleepingComputer, this new security flaw has already been exploited in targeted and “extremely sophisticated" attacks, which is par for the course when it comes to Apple devices.
The flaw (tracked as CVE-2025-24200) is an authorization issue that Apple has now addressed with improved state management with the release of iOS 18.3.1 and iPadOS 18.3.1. In a new advisory, the company provided further details on the matter. It explained that by leveraging this particular zero-day, a physical attack could be used to “disable USB Restricted Mode on a locked device.”
First introduced back in iOS 11, USB Restricted Mode is a security feature that blocks USB accessories from creating a data connection with one of the best iPhones or iPads if the device has been locked for more than an hour. Instead of hackers, this feature was designed to prevent law enforcement agencies from using forensic software like Graykey and Cellebrite to extract data from locked iPhones.
Impacted iPhones and iPads
Whether you have a newer iPhone or iPad or an older device, you must download and install this latest update as soon as you can.
Regarding iPhones, every device from the iPhone XS and later are impacted. With the best iPads, the iPad Pro 13-inch, iPad Pro 12.9-inch (3rd gen and later), iPad Pro 11-inch (1st gen and later), iPad Air (3rd gen and later), iPad (7th gen and later) and the iPad mini (5th gen and later) are affected.
It can be easy to get worried about big zero-day vulnerabilities like this one. Still, most people don’t have anything to be concerned about since this flaw was exploited in highly targeted attacks. These sorts of attacks usually go after government officials, business leaders and other high-value targets.
Still, you’re going to want to download and install this update since attacks like these have a way of trickling down. Likewise, hackers love to target ordinary people running outdated software, as doing so doesn’t require nearly as much effort.
How to keep your Apple devices safe
When it comes to keeping your iPhone, iPad, Mac and other Apple devices safe from hackers, the easiest way is to install new security updates when they become available. Doing so can be tedious at times, but the alternative — getting hacked or falling victim to identity theft — is much worse.
Since even iPhones and iPads can fall victim to bad apps, you always want to be extra cautious when installing new software on your devices. Check an app’s ratings and reviews. If it seems too good to be true, it probably is.
While there isn’t an iPhone or iPad equivalent to the best Android antivirus apps, one of the best Mac antivirus software solutions does provide a workaround when it comes to scanning your mobile Apple devices for malware and other viruses. If you plug your iPhone or iPad into a Mac running Intego’s antivirus software, it can scan either device for malware.
As they’re harder to hack (or at least this was true in the past), Apple devices have proven to be a goldmine for cybercriminals. And now that they’ve become extremely popular, hackers are going out of their way to develop Mac malware that finds its way into your iPhone. However, if you install updates in a timely manner and practice good cyber hygiene online, you and your devices should be safe.
More from Tom's Guide
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
