Apple Uses Patches for iOS and MacOS to Stop Two Zero-Days

Apple recently issued emergency updates to address two security issues in their operating systems. These problems were used in highly advanced attacks and affected a very small number of iPhone users.

The security flaws are identified as CVE-2025-31200 and CVE-2025-31201. They involve problems with how code runs and how certain safeguards can be bypassed in Apple's iOS, iPadOS, and macOS platforms.

Apple reported that these vulnerabilities were used in targeted attacks on specific iPhones. Here's more information about these issues:

1. CoreAudio (CVE-2025-31200): This issue happens when an audio stream from a dangerous media file is processed, leading to harmful code potentially running on a device. Apple discovered that it was used in highly advanced attacks targeting certain iOS users. Google’s Threat Analysis Group (TAG) identified this flaw, which was resolved by improving how memory is managed within the system.

2. RPAC (CVE-2025-31201): This vulnerability allows attackers who can read and write data to bypass Pointer Authentication, a significant security feature. This issue was also used in sophisticated attacks against particular iOS devices. To fix it, Apple removed the vulnerable code.

Pointer Authentication is a security feature in ARM architecture that ensures the integrity of pointers, helping prevent unauthorized changes.

These vulnerabilities have also been patched on macOS Sequoia devices, though the attacks reportedly only affected a limited number of iPhones.

Apple did not provide specific details about how these attacks were executed, a common practice when addressing such issues.