Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks
Apple
PARTAGER
Facebook X Pinterest WhatsApp

Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks

Find out the specifics of these iOS and macOS vulnerabilities, as well as which Apple devices were impacted.

Écrit par
Aminu Abdullahi
Aminu Abdullahi
Apr 17, 2025
The Apple logo with a hand holding a lock.
Image: ink drop/Adobe Stock

Apple has rolled out emergency updates to patch two serious security flaws that were actively being exploited in highly targeted attacks on iPhones and other Apple devices. The fixes, released on April 16 as part of iOS 18.4.1 and macOS Sequoia 15.4.1, address zero-day vulnerabilities.

Apple said these bugs were used in an “extremely sophisticated attack against specific targeted individuals on iOS.”

Inside the iOS and macOS vulnerabilities

The two bugs, tracked as CVE-2025-31200 and CVE-2025-31201, affect Apple’s software’s CoreAudio and RPAC components.

  • CVE-2025-31200 (CoreAudio): This bug allows hackers to take control of a device simply by tricking it into processing a malicious media file. Apple credited the discovery to its internal team and researchers from Google’s Threat Analysis Group — a unit known for tracking advanced cyberattacks, often linked to government actors.
  • CVE-2025-31201 (RPAC): This flaw affects a security mechanism called Pointer Authentication, designed to prevent memory attacks. Hackers who have read and write access to a device could bypass this protection and hijack the system. Apple found and fixed this bug internally by removing the vulnerable code.

Must-read Apple coverage

Which Apple devices were affected?

While Apple didn’t say who was behind the attacks or how many people were affected, the language the company used — “specific targeted individuals” — strongly suggests that these were not random hacks, but deliberate and precise operations. That, combined with Google’s involvement, has raised speculation about possible ties to government-backed surveillance campaigns.

Devices affected include:

  • iPhones from iPhone XS and newer.
  • iPads from 7th generation and newer.
  • Macs running macOS Sequoia.
  • All models of Apple TV HD and Apple TV 4K.
  • Apple Vision Pro headset.
Advertisement

A growing list of zero-days

These latest fixes bring the number of zero-days patched by Apple this year to five. Earlier vulnerabilities were addressed in January, February, and March. Apple typically keeps details about ongoing exploits under wraps, and this case is no different. The company hasn’t shared exactly how the bugs were used.

Aminu Abdullahi

Aminu Abdullahi is a B2C and B2B technology and finance writer with more than six years of experience covering enterprise IT, cybersecurity, cloud computing, artificial intelligence, fintech, business software, and emerging technologies. His work has appeared in publications including TechRepublic, eWEEK, Channel Insider, Geekflare, Enterprise Networking Planet, eSecurity Planet, CIO Insight, and Webopedia. With a technical background in computer science, he specializes in translating complex technology topics into clear, accessible content for business leaders and decision-makers.