Headline
Apple Confirms ‘Extremely Sophisticated’ Exploit Threatening iOS Security
Apple fixes the USB Restricted Mode flaw in iOS 18.3.1 and iPadOS 18.3.1. Vulnerability exploited in targeted attacks.…
Apple fixes the USB Restricted Mode flaw in iOS 18.3.1 and iPadOS 18.3.1. Vulnerability exploited in targeted attacks. Update your iPhone/iPad now.
Apple has issued an urgent security update for iPhones and iPads, addressing a significant vulnerability that has, reportedly, already been exploited in targeted attacks. Tracked as CVE-2025-24200, the vulnerability affects the USB Restricted Mode, a security feature introduced in 2018 to protect devices from unauthorized access.
For your information, this security feature is designed to disable the Lightning or USB ports of iPhones and iPads if they remain locked for more than an hour. Normally, these ports are re-enabled once the user authenticates and unlocks their device.
However, it appears that this protection mechanism itself has been compromised. The bug can be exploited by an attacker with physical possession of a locked phone, enabling them to re-enable the data port and potentially allowing further intrusion. Apple has acknowledged that this flaw can disable the feature.
“A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an “extremely sophisticated” attack against specific targeted individuals,” the iPhone maker’s advisory read.
Security experts believe that Apple’s unusual choice of words, describing the exploit as “extremely sophisticated,” highlights the seriousness of the issue.
The National Institute of Standards and Technology (NIST) has also assessed this vulnerability, describing it as an “authorization issue” that has been resolved through “improved state management.”
The company has released patches, iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 to address this issue. These updates are available for a wide range of devices, including iPhone XS and later models, as well as various iPad Pro, iPad Air, iPad Mini, and standard iPad models.
The vulnerability was discovered by Bill Marczak, a senior researcher at the Citizen Lab. While Apple has not provided detailed information about the attack or the specific methods used, the discovery by the Citizen Lab suggests a possible connection to sophisticated surveillance techniques, potentially at the nation-state level.
Update your iPhones… again! iOS 18.3.1 out today with a fix for an ITW USB restricted mode bypass (via Accessibility) https://t.co/jcrsab7RGu pic.twitter.com/ER42QQcsLj
— Bill Marczak (@billmarczak) February 10, 2025
Related news
Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to U.S. lawmakers. But in a letter this week to the FBI, one of the Senate's most tech-savvy lawmakers says the feds aren't doing enough to recommend more appropriate security protections that are already built into most consumer mobile devices.
Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.
The vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to user data.
Apple has released an out-of-band security update for a vulnerability which it says may have been exploited in an "extremely sophisticated attack against specific targeted individuals.”