TLDR:
Apple’s latest security update addresses a zero-day vulnerability in USB Restricted Mode, which was exploited in sophisticated attacks targeting specific individuals. Users should update their devices immediately.
__________________
In a recent emergency security update, Apple has patched a zero-day vulnerability that was exploited in highly sophisticated attacks. The vulnerability, tracked as CVE-2025-24200, affects the USB Restricted Mode feature on devices running iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5. This update is crucial, as the flaw may have been exploited in targeted attacks, potentially compromising iPhone and iPad users’ security.
What is USB Restricted Mode?
Introduced with iOS 11.4.1 nearly seven years ago, USB Restricted Mode is a security measure that blocks USB accessories from creating data connections to locked devices if they haven’t been unlocked for over an hour. This feature is designed to protect devices from forensic tools like GrayKey and Cellebrite, which law enforcement and other entities often use to extract data from locked iPhones and iPads.
The Vulnerability
The zero-day vulnerability in question allowed attackers to bypass USB Restricted Mode on affected devices. Once exploited, the vulnerability could have granted attackers unauthorized access to sensitive data, including personal and organizational information, by circumventing these security mechanisms.
The devices impacted by this vulnerability include:
- iPhone XS and later models
- iPad Pro (various generations)
- iPad Air 3rd generation and later
- **iPad Mini 5th generation and later
- iPad 7th generation and later
Why You Should Update Now
Although Apple has not provided extensive details on the attacks in which this vulnerability was exploited, it’s clear that the risk is high. Citizen Lab, known for its research on targeted cyberattacks, has been at the forefront of uncovering such zero-day vulnerabilities, which are typically used against high-risk individuals such as journalists, politicians, and dissidents.
Apple has acted swiftly by issuing this security update, which addresses the authorization issue and improves the state management of USB Restricted Mode. Users are strongly urged to update their devices immediately to prevent ongoing or future attack attempts.
Apple’s Commitment to Security
This release follows a series of security patches aimed at safeguarding users’ devices from exploitation. In the past year alone, Apple has addressed several critical vulnerabilities, including multiple zero-day flaws exploited by spyware like NSO Group’s Pegasus.
Apple’s ongoing efforts to improve device security are a testament to the company’s commitment to protecting its users from cyber threats. However, as cyber threats evolve, the importance of regularly updating software cannot be overstated.
How to Update:
To ensure your device is protected, follow these steps:
- Open the Settings app.
- Go to General > Software Update.
- If an update is available, tap Download and Install.
Conclusion
This zero-day vulnerability highlights the need for constant vigilance in device security. While Apple has patched the issue, updating your devices as soon as possible is crucial to protect against potential cyberattacks. Stay safe and ensure that your devices are always up-to-date.
