Apple has issued urgent security updates for its operating systems, including iOS, iPadOS, macOS, watchOS, and visionOS, to address a critical zero-day vulnerability actively exploited in the wild. The vulnerability, identified as CVE-2025-24200, resides within the USB Restricted Mode feature, which requires user interaction to authorize USB data connections.
This flaw, according to Apple, has been exploited in “extremely sophisticated attacks” targeting specific individuals. While the company has not disclosed the nature of these attacks or the identities of the targeted individuals, the urgency of the update underscores the severity of the threat.
The updates, including iOS 18.3.1, iPadOS 18.3.1, macOS 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1, and visionOS 2.3.1, aim to patch this vulnerability and mitigate the potential for attackers to exploit it to gain unauthorized access to user devices.
Unexpected Side Effect: Apple Intelligence Re-enabled
However, the update has also inadvertently re-enabled Apple Intelligence on some devices where it had been previously disabled. Apple Intelligence, a feature designed to improve Apple’s products and services, collects user data for analysis. While Apple emphasizes the privacy-preserving nature of this data collection, the unexpected re-enabling of this feature has raised concerns among some users who value their privacy.
Security Implications and User Action
This zero-day vulnerability highlights the ongoing challenges in maintaining the security of even the most advanced operating systems. Cybercriminals are constantly evolving their tactics, and the rapid response from Apple underscores the critical importance of timely security updates.
Apple strongly encourages all users to install these critical security updates as soon as possible. Users should also be vigilant about the security of their devices and avoid connecting them to untrusted USB ports.
Leave a Reply