Apple released new updates for iPhone, iPad, and Mac on Monday, including the default activation of Apple Intelligence for newer devices. The updates also addressed several security vulnerabilities, including a zero-day bug that may have been actively exploited.
This flaw, found in Core Media—the media engine behind many Apple devices—affected users with iPhones running software older than iOS 17.2 (released in December 2023).
The vulnerability allowed hackers to gain elevated privileges via a memory corruption bug, potentially granting them broader access to a device’s data. The fix was applied across Apple’s product line, including iPhones, iPads, Macs, Apple Watches, Apple TVs, and the Vision Pro headset.
Apple did not credit any researcher for discovering the bug and declined to comment on who exploited it or the targeted users. This marks the first exploited bug in iOS this year, adding to at least seven actively exploited bugs Apple patched in 2024.
This is the first iOS bug of 2025 to be exploited in the wild. In 2024, Apple patched at least seven vulnerabilities that were suspected of being actively targeted by hackers. These fixes highlight ongoing security concerns and the need for timely updates to protect devices from potential threats.
