Apple backports zero-day patches to older iPhones and Macs

Apple has released security updates that backport fixes for actively exploited vulnerabilities that were exploited as zero-days to older versions of its operating systems. At the same time, the consumer tech giant released security updates for the latest stable iOS, iPadOS, and macOS, addressing numerous security flaws. Backporting zero-day fixes The first backport concerns CVE-2025-24200, a flaw discovered by Citizen Lab that was exploited by mobile forensic tools to disable 'USB Restricted Mode' on locked devices. Apple addressed the flaw in iOS 18.3.1, iPadOS 18.3.1, and 17.7.5, released on February 10, 2025. The second vulnerability backported to older OS versions is CVE-2025-24201, which allowed hackers to break out of the Web Content sandbox on the WebKit engine using specially crafted web content. Apple warned that the flaw was exploited in "extremely sophisticated" attacks, fixing it on March 11, 2025, with the release of iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, v ... Read full article.