Apple Releases Urgent Patch for USB Vulnerability
In a swift move to protect its users, Apple has rolled out a crucial security update aimed at fixing a potential security flaw that could have been exploited in what the tech company describes as an “extremely sophisticated attack.”
This cyber threat was reportedly aimed at particular individuals, though detailed information regarding the identities or the scope of the attack remains undisclosed by Apple.
The identified security loophole, labeled CVE-2025-24200, presents a threat that could enable a physical device attack, potentially undermining the USB Restricted Mode on devices when they’re locked. USB Restricted Mode is designed to make unauthorized access more challenging by disabling data connection through the Lightning port when an iPhone has been locked for over an hour. This feature ensures that if someone attempts to retrieve data from a phone without permission, they must have the correct credentials for access.
The latest update is available for multiple Apple devices, including iPhone XS and later models, as well as the iPad Pro 13-inch, iPad Pro 12.9-inch (third generation and newer), iPad Pro 11-inch (first generation and beyond), iPad Air (third generation and newer), iPad (seventh generation and later), and the iPad mini (fifth generation onward).
It is strongly advised for users with any of these Apple devices to proceed with installing the update at their earliest convenience. This can easily be done by navigating to the device’s settings to ensure they are running the latest version of the software.
With this update, Apple reinforces its commitment to maintaining the security integrity of its devices, emphasizing the importance of keeping user data secure from sophisticated threats.
Ensuring devices are regularly updated with the latest security patches is a critical step in protecting personal data from the evolving landscape of cybersecurity threats. By taking prompt action in addressing such vulnerabilities, users safeguard their private information against potential breaches arising from exploits like the one identified.
