Apple Releases Emergency Security Updates For Zero-Day Vulnerability Exploited In Sophisticated Attack
The Cyber Security Hub™
https://www.linkedin.com/pulse/apple-releases-emergency-security-updates-zero-day-naghe/
February 10, 2025
Apple has issued emergency security updates to patch a zero-day vulnerability that was exploited in targeted and "extremely sophisticated" attacks.
USB Restricted Mode Bypass Exploit
According to Apple's advisory, the vulnerability allows a physical attack to disable USB Restricted Mode on a locked iPhone or iPad.
"Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."
USB Restricted Mode, introduced in iOS 11.4.1 nearly seven years ago, prevents USB accessories from establishing a data connection if the device has been locked for over an hour. This security measure is designed to block forensic tools like GrayKey and Cellebrite, often used by law enforcement, from extracting data from locked iOS devices.
New Security Feature: Inactivity Reboot
In November, Apple added another security feature called "inactivity reboot" to further protect user data. This feature automatically restarts iPhones after extended idle periods, re-encrypting data and making it more difficult for forensic tools to extract information.
Details of the Zero-Day Vulnerability
The newly patched vulnerability, tracked as CVE-2025-24200, is an authorization issue discovered by Citizen Lab's Bill Marczak. Apple has addressed this flaw in the latest updates:
iOS 18.3.1
iPadOS 18.3.1
iPadOS 17.7.5
The fix involves improved state management to prevent unauthorized access.
Affected Apple Devices
The vulnerability impacts a wide range of Apple devices, including:
iPhones:
iPhone XS and later
iPads:
iPad Pro 13-inch, iPad Pro 12.9-inch (3rd gen and later), iPad Pro 11-inch (1st gen and later)
iPad Air (3rd gen and later), iPad (7th gen and later), iPad mini (5th gen and later)
iPad Pro 12.9-inch (2nd gen), iPad Pro 10.5-inch, iPad (6th gen)
Urgent Recommendation: Update Immediately
Although this vulnerability was exploited only in targeted attacks, Apple strongly advises all users to install the latest security updates immediately to prevent potential exploitation.
While Apple has not yet disclosed specific details about in-the-wild attacks, Citizen Lab researchers have previously uncovered zero-days used in spyware attacks against high-risk individuals, including journalists, opposition politicians, and dissidents.
Updating your device ensures protection against this and other potential threats.
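For teams that manage more than one device, the fixed releases listed above can be checked against an inventory export. The following is an added example, not code from Apple or from the original article; the CSV column names, device names, and status labels are assumptions, and the inventory rows are constructed sample data.

```python
import csv
import io

# Fixed releases named in the article, keyed by (platform, major version).
FIXED = {
    ("iOS", 18): (18, 3, 1),
    ("iPadOS", 18): (18, 3, 1),
    ("iPadOS", 17): (17, 7, 5),
}

# Constructed sample inventory; the column names are assumptions.
SAMPLE_INVENTORY = """device,platform,os_version
exec-phone-01,iOS,18.3.1
exec-phone-02,iOS,18.3
field-ipad-01,iPadOS,17.7.4
field-ipad-02,iPadOS,17.7.5
lab-phone-01,iOS,17.7.2
kiosk-ipad-01,iPadOS,18.2.1
"""

def parse_version(text):
    """Turn '18.3' into (18, 3, 0) so that it sorts below (18, 3, 1)."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def assess(platform, version):
    """Return 'patched', 'needs-update', or 'review' for one device."""
    try:
        found = parse_version(version)
    except ValueError:
        return "review"  # unparseable version string
    fixed = FIXED.get((platform.strip(), found[0]))
    if fixed is None:
        return "review"  # the article lists no fixed release for this branch
    return "patched" if found >= fixed else "needs-update"

def audit(csv_text):
    """Map each device name in the CSV to its status."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["device"]: assess(r["platform"], r["os_version"]) for r in rows}

if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device:15} {status}")
```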