If you’ve been putting off updating your iPhone and iPad, Apple just gave you a good reason to do so ASAP, as it just patched a new zero-day vulnerability.
As reported by BleepingComputer, this new security flaw has already been exploited in targeted and “extremely sophisticated" attacks which is par for the course when it comes to Apple devices.
The flaw (tracked as CVE-2025-24200) is an authorization issue that Apple has now addressed with improved state management with the release of iOS 18.3.1 and iPadOS 18.3.1. In a new advisory, the company provided further details on the matter and explained that by leveraging this particular zero-day, a physical attack could be used to “disable USB Restricted Mode on a locked device.”
First introduced back in iOS 11, USB Restricted Mode is a security feature which blocks USB accessories from creating a data connection with one of the best iPhones or iPads if the device has been locked for more than an hour. Instead of hackers, this feature was actually designed to prevent law enforcement agencies from using forensic software like Graykey and Cellebrite to extract data from locked iPhones.
Impacted iPhones and iPads
Whether you have a newer iPhone or iPad or an older device, you’re going to need to download and install this latest update.
When it comes to iPhones, every device from the iPhone XS and later are impacted. With the best iPads, the iPad Pro 13-inch, iPad Pro 12.9-inch (3rd gen and later), iPad Pro 11-inch (1st gen and later), iPad Air (3rd gen and later), iPad (7th gen and later) and the iPad mini (5th gen and later) are affected.
It can be easy to get worried about big zero-day vulnerabilities like this one but most people don’t actually have anything to be concerned about since this flaw was exploited in highly targeted attacks. These sorts of attacks usually go after government officials, business leaders and other high-value targets.
Still, you’re going to want to download and install this update as soon as you can, since attacks like these have a way of trickling down. Likewise, hackers love to target ordinary people running outdated software as doing so doesn’t require nearly as much effort.
How to keep your Apple devices safe
When it comes to keeping your iPhone, iPad, Mac and other Apple devices safe from hackers, the easiest way to do so is to install new security updates when they become available. Doing so can be tedious at times but the alternative — getting hacked or falling victim to identity theft — is much worse.
Since even iPhones and iPads can fall victim to bad apps, you always want to be extra cautious when installing new software on your devices. Check an app’s ratings, reviews and if it seems too good to be true, it probably is.
While there isn’t an iPhone or iPad equivalent to the best Android antivirus apps, one of the best Mac antivirus software solutions does provide a workaround when it comes to scanning your mobile Apple devices for malware and other viruses. If you plug your iPhone or iPad into a Mac running Intego’s antivirus software, it can scan either device for malware.
As they’re harder to hack (or at least this was true in the past), Apple devices have proven to be a goldmine for cybercriminals. And now that they’ve become extremely popular, hackers are going out of their way to develop Mac malware that finds its way into your iPhone. However, if you install updates in a timely manner and practice good cyber hygiene online, you and your devices should be safe.
More from Tom's Guide
