Apple’s iOS 18.3 fixes a large list of 29 vulnerabilities. One of them is already used … (+)
Apple iPhone
Update, January 29, 2025: This story has been updated in this story, which was first released on January 27, features the details of the fix issued along with iOS 18.3, and functions such as automatic Apple Intelligence. Includes additional expert analysis about.
Apple issued iOS 18.3 and issued a warning to update the iPhone. This is because iOS 18.3 has revised a large list of 29 vulnerabilities. One of them is already used in attacks.
Apple does not provide a lot of details about the problem corrected on iOS 18.3. This is because you want to give people as much time to update before the attacker understands the details.
However, the already misused issues patched in iOS 18.3 are the defects of COREMEDIA tracked as CVE-2025-24085, and you can see that malicious applications can increase privileges.
Apple recognizes that the issue may have been actively used for the iOS version before iOS 17.2, said on the support page.
Corrected on iOS 18.3
Apple’s iOS 18.3 also fixes two bugs in the kernel at the center of the iOS operating system. The first defect tracked as CVE-2025-24107 has found that malicious apps can acquire route privileges. On the other hand, in the second problem, the app can use the kernel privilege to execute the code.
iOS 18.3 updates some flaws on WebKit, an engine supporting Safari browser. Webkit Web Inspector bugs can lead to command injection. Here, a malicious hacker tricks the application and runs the operating system command.
On the other hand, AirPlay issues tracked as CVE-2025-24137 can cause unexpected applications or code execution.
Another bug in Passkeys can see the enemy gaining unauthorized access to Bluetooth using the app.
Apple issues a Mac update along with iOS 18.3
In addition to iOS 18.3, iPados 18.3, and iPados 17.7.4, Apple is MacOS SEQUOIA 15.3, MacOS Sonoma 14.7.3, Watchos 11.3, APPL E Vision Pro Headset, Safari 18.3 Visionos 2.3 It was issued. Many of the same problems, including defects that have already been exposed.
Reasons for updating to iOS 18.3 now
Apple released iOS 18.3 with iPados 17.7.4, but has not yet updated iOS 17.7.4. This is because iOS 17 is not affected, Apple has not provided updates to new devices, or the details are not yet available.
However, at least so far, there is no update of iOS 17 that is available, so updating to iOS 18 will be safe.
The upgrade iOS 18.3 includes “some important security -related fixes”. In consideration of this, he strongly recommends that iOS users update as soon as possible.
Light believes that the most concerns of the vulnerabilities fixed in iOS 18.3 are the defects in the kernel and have warned that the attacker can obtain complete control of the device. 。
The problem of the kernel patched on iOS 18.3 is that some of the other vulnerabilities, especially the CVE-2025-24150, to enable the attacker to do this remotely. Light is warning.
Lights say that many of the other vulnerabilities dealt with iOS 18.3 seem to refuse services or privacy -related services that allow attackers to allow users or devices to finger their devices.
It is also worth noting that Corimedia’s defects may have been misused in the previous version of iOS or earlier iOS. , “He warns.
However, the light believes that there is one silver lining. It seems difficult to abuse vulnerability. “As a result, the risk to most users should be low, but it is still important to update if possible.”
IOS 18.3 Released bug fixes are “wide and important services” such as accessibility, AirPlay, CoreMedia, Kernel, PassKeys, Safari, and WebKit.
Reading the release notes will give you an insight on threat vectors that can potentially damage iOS. “In this specific release, patches that prevent locked apps from bypassing, patches that block the local network to destroy memory, multiple flavors of service refusal, and more safer. I saw other fixes designed to provide.
Covington advises to users and organizations that depend on the iPhone to “install security updates as soon as possible.”
IOS 18.3 says, “It’s no exception.” “Leaving the latest patches into the latest state is one of the most effective ways to protect and protect the device to the attacker.”
After upgrading to iOS 18.3, be aware that Apple automatically enables AI with an iPhone 15s or higher, checks the settings and disables functions as needed. Due to its nature, AI requires data to operate, and the provision of the iPhone manufacturer Apple Intelligence is a privacy reservation compared to competitors, but we are still thinking.
Apple processes data on the device as much as possible, sends security and privacy to AI products for a secure private cloud computing for resources with many resources resources.
The Apple Intelligence includes updates to Siri Voice Assistant, which uses the partnership with the iPhone Maker AI Giant Openai’s Chatgpt. Apple asks for permission before sending data to Chatgpt, but using this feature applies strict privacy policy of Openaii.
Apple’s iOS 18.3 is iPhone XS, and iPad Pro 12.9 inch 3rd generation, iPad Pro 11 -inch or later, iPad Air 3rd Generation and subsequent iPad 7ter iPad mini 5th. Tion or higher.
In my opinion, it is easy to upgrade to iOS 18.3. This update has revised the problem that was misused by the actual attack, and it is important to update as soon as possible to keep the iPhone safer.
So what are you waiting for? Set up your iPhone> Update software, download and install iOS 18.3.
