Apple has implemented software updates to fix multiple security vulnerabilities, notably a zero-day flaw known as CVE-2025-24085 in the Core Media component, which has been reported as actively exploited in devices prior to iOS 17.2. This vulnerability allows for elevated privileges if a malicious application is already installed. The updates also cover five AirPlay vulnerabilities and additional flaws identified by Google's Threat Analysis Group in the CoreAudio component. Improved memory management and security measures have been applied across a range of devices and operating systems.
Apple has released software updates to address several security vulnerabilities, including a zero-day vulnerability (CVE-2025-24085) that was actively exploited in older iOS versions.
The vulnerability CVE-2025-24085, a use-after-free bug in Core Media, could allow malicious applications to gain elevated privileges on devices.
In addition to the zero-day flaw, Apple has addressed five AirPlay security vulnerabilities, which could lead to system failure or denial-of-service.
Google TAG discovered three additional vulnerabilities in CoreAudio that may cause application crashes when processing specially crafted files.
Collection
[
|
...
]