Apple Patches Older iPhones Against ‘Sophisticated’ Hacker Attacks

Apple is offering a batch of updates across its product lineup this week to address dozens of important security flaws, including some that criminals are already exploiting.

iOS 18.4 delivers a range of enhancements in areas like Image Playground and Applew News+, new emojis, and enhancements to better organize and filter your Photos library.

The release also includes the latest security amendments – some 60 fixes in key components like Accessibility, Accounts, AirDrop, Authentication Services, CoreMedia, MobileLockdown, Safari, Siri, and WebKit.

Other Apple products, such as Macs, the AppleTV media center and the Apple Vision headset, share many of these components – so the fixes are also available on these products as well.

But perhaps the most important updates are those for older Apple gear.

‘Extremely sophisticated attacks’

This week's long list of security fixes extends to devices like the iPhone 6, iPhone 7, iPhone 8, iPhone X, and older-generation iPads. The reason? Apple is backporting important security fixes—already deployed on new-generation products—to protect users who still wield old hardware.

iOS 16.7.11 and iOS 15.8.4 address two distinct vulnerabilities which, according to the Cupertino tech giant, have likely been used in sophisticated attacks on targeted individuals.

Tracked as CVE-2025-24200, an Accessibility flaw can be exploited in “a physical attack [to] disable USB Restricted Mode on a locked device.”

Apple introduced USB Restricted mode in 2018 as an additional security layer preventing tethered access to an iPhone’s contents if the device has not been unlocked and connected via cable within the past hour.

The feature, seen as a blow against abuse of digital forensics tools, was designed to prevent data extraction outside law enforcement purposes.

According to the spyware crusaders at Citizen Lab who reported the issue to Apple, abusers have found ways to bypass the restriction.

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals,” reads Apple’s advisory.

The second flaw, tracked as CVE-2025-24201 and discovered by Apple’s own security team, is a weakness in WebKit enabling an attacker to use “maliciously crafted web content" to compromise the victim.

“This is a supplementary fix for an attack that was blocked in iOS 17.2,” Apple notes.

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2,” the company warns.

This particular security lapse is already fixed on new-generation iPhones and iPads (with the release of iOS 18.3.2 last month).

Apple reported the issue to everyone in the industry whose software relies on WebKit to display web content. Upon Apple’s warning, Google immediately issued an emergency fix for the macOS version of Chrome.

A third backported fix

A third security hole, also said to have been exploited by hackers, is addressed on older iPad models stuck on iOS 17.

Tracked as CVE-2025-24085, this CoreMedia vulnerability has been fixed for a while on hardware running iOS 18. However, Apple still diligently warns that it’s “aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.”

Reading between the lines: iPad users who are still running iOS 17 will want to update now. If that’s you, make sure you have iPadOS 17.7.6 running on your Apple tablet starting today.

Patch your Apple gear

"Sophisticated" attacks exploiting lapses in Apple software have historically involved spyware. Attackers target high-risk individuals like activists, dissidents, political adversaries, human rights advocates, and investigative journalists. However, you never know when you accidentally trip a wire and become a target. So it’s always a good idea to keep your personal gizmos updated with the latest security updates.

As we note in our security guide for iPhone users, Apple’s proverbial walled garden has long been lauded for its robust security, thanks to a tightly controlled ecosystem, a strict app review process, and timely software patches. Yet, advanced cyber threats targeting Apple users – especially iPhone users – persist.

Read: 10 Cyberthreats iPhone Users Can’t Afford to Ignore in 2025

As of today, Apple users will want to be on the following software versions:

·      iOS 18.4 and iPadOS 18.4

·      iPadOS 17.7.6

·      iOS 16.7.11 and iPadOS 16.7.11

·      iOS 15.8.4 and iPadOS 15.8.4

·      macOS Sequoia 15.4

·      macOS Sonoma 14.7.5

·      macOS Ventura 13.7.5

·      tvOS 18.4

·      visionOS 2.4

·      Safari 18.4

For peace of mind, run a dedicated security solution on all your personal devices. On iOS and macOS, remember to also keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might be targeting you.