CyberSecurity news

FlagThis - #securityupdates

Bill Mann@CyberInsider //

Google Patches Actively Exploited Android Zero-Day Vulnerabilities - Google released its April 2025 Android Security Bulletin, addressing 62 vulnerabilities, including two actively exploited zero-day vulnerabilities in the Linux kernel's USB sub-component.
Google has released its April 2025 Android security update, addressing a total of 62 vulnerabilities. This includes fixes for two actively exploited zero-day vulnerabilities. The security bulletin addresses vulnerabilities across system components, the Linux kernel, and third-party hardware drivers, highlighting the importance of applying updates promptly. The two high-severity zero-days were reportedly used in targeted surveillance operations.

The exploited vulnerabilities are identified as CVE-2024-53150 and CVE-2024-53197. CVE-2024-53150 is an Android Kernel information disclosure vulnerability caused by an out-of-bound read weakness, potentially allowing local attackers to access sensitive information. CVE-2024-53197 is a high-severity privilege escalation flaw in the Linux kernel’s USB-audio driver for ALSA devices.

The privilege escalation flaw, CVE-2024-53197, was reportedly exploited by Serbian authorities to unlock confiscated Android devices. This was part of a zero-day exploit chain developed by Cellebrite, an Israeli digital forensics company. The exploit chain also included CVE-2024-53104, patched in February 2025, and CVE-2024-50302, patched last month. With this latest update, all three vulnerabilities in that chain are now fixed. Users are advised to apply the updates as soon as they are released by Android original equipment manufacturers (OEMs).

Recommended read:
References :
  • CyberInsider: Google Patches Actively Exploited Android Zero-Day Vulnerabilities
  • discuss.privacyguides.net: Google just fixed two critical Android zero-days and 60 other flaws
  • The Hacker News: Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
  • BleepingComputer: Google fixes Android zero-days exploited in attacks, 60 other flaws
  • securityaffairs.com: Google addressed 62 vulnerabilities with the release of Android ‘s April 2025 security update, including two actively exploited zero-days.
  • cyberinsider.com: Google’s April 2025 Android Security Bulletin addresses 60 vulnerabilities across system components, the Linux kernel, and third-party hardware drivers, including two high-severity zero-days that have been actively exploited in targeted surveillance operations.
  • Threats | CyberScoop: Google addresses 2 actively exploited vulnerabilities in security update
  • techcrunch.com: Google fixes two Android zero-day bugs actively exploited by hackers
  • Malwarebytes: Google fixes two actively exploited zero-day vulnerabilities in Android
  • cyberscoop.com: Google addresses 2 actively exploited vulnerabilities in security update
  • techcrunch.com: Google fixes two Android zero-day bugs actively exploited by hackers
  • MSSP feed for Latest: Google Patches Two Zero-Days in April 2025 Android Security Update
  • infosec.exchange: NEW: Google has pushed out patches for two zero-days that were being (and may still be) exploited in the wild. Amnesty previously found that one of them was being used against a student activist in Serbia, by Serbian authorities armed with Cellebrite.
  • Cyber Security News: Google addressed 62 vulnerabilities with the release of Android ‘s April 2025 security update, including two actively exploited zero-days.
Bill Mann@CyberInsider //

Apple Releases Security Updates Patching Zero Day Exploits - Apple released iOS 18.4, macOS Sequoia 15.4, and other updates addressing multiple vulnerabilities, including exploited zero-day flaws in WebKit and Accessibility.
References: bsky.app , CyberInsider , The Apple Post ...
Apple has released a series of critical security updates for its operating systems, including iOS 18.4 and macOS Sequoia 15.4. These updates address a total of 145 vulnerabilities, including several zero-day exploits that may have been actively exploited. Users of iOS, iPadOS, macOS, tvOS, visionOS, Safari, and Xcode are urged to update their devices immediately to safeguard against potential security threats. Notably, watchOS was missing from this patch lineup.

Apple pushed emergency updates targeting three zero-day vulnerabilities identified as CVE-2025-24200 (Accessibility) and CVE-2025-24201 (WebKit). These patches have been backported to older iOS and iPadOS versions, specifically 15.8.4 and 16.7.11, ensuring that users on older devices are also protected from these actively exploited flaws. The updates include fixes for bugs in WebKit, Siri, Safari, and libxpc, along with numerous other security enhancements, underscoring Apple's commitment to addressing security vulnerabilities across its product ecosystem.

Recommended read:
References :
  • bsky.app: EMERGENCY UPDATES Apple pushed additional updates for 3 zero-days that may have been actively exploited. CVE-2025-24200 (Accessibility) additional patches, CVE-2025-24201 (WebKit) additional patches: - iOS and iPadOS 15.8.4 - iOS and iPadOS 16.7.11
  • CyberInsider: Apple has issued a wide set of security updates, patching multiple zero-day vulnerabilities across its operating systems — including iOS, macOS, iPadOS, and Safari — and notably extended critical fixes to older software versions, addressing previously exploited flaws.
  • isc.sans.edu: Apple Patches Everything: March 31st 2025 Edition, (Mon, Mar 31st)
  • The Apple Post: Apple releases iOS 18.4 with Priority Notifications feature, Control Center updates, new emoji, more
  • bsky.app: NEW SECURITY CONTENT - macOS Sequoia 15.4 - 131 bugs fixed macOS Sonoma 14.7.5 - 91 bugs fixed macOS Ventura 13.7.5 - 85 bugs fixed iOS and iPadOS 18.4 - 62 bugs fixed visionOS 2.4 - 38 bugs fixed iPadOS 17.7.6 - 38 bugs fixed tvOS 18.4 - 36 bugs fixed
  • securityaffairs.com: Apple has backported fixes for three actively exploited vulnerabilities to older devices and OS versions. The three vulnerabilities are: Apple released the following updates: that are available for the following devices:
  • The Register - Security: Apple belatedly patches actively exploited bugs in older OSes
  • thecyberexpress.com: Apple Backports Zero-Day Patches to Older Devices in Latest Security Update
  • The Hacker News: Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices
Pierluigi Paganini@Security Affairs //

Apple Backports Fixes for Actively Exploited Zero Days - Apple released security updates with backported fixes for three actively exploited zero-day vulnerabilities, including one bypassing USB Restricted Mode and another affecting the WebKit engine.
Apple released a substantial set of security updates on March 31st, 2025, addressing a total of 145 vulnerabilities across its product ecosystem, including iOS, iPadOS, macOS, tvOS, visionOS, Safari, and Xcode. Notably absent from this update was watchOS. The updates included backported fixes for three actively exploited zero-day vulnerabilities, specifically targeting older iOS and iPadOS versions. These vulnerabilities had already been addressed in more recent versions a few weeks prior.

The most critical fix is for CVE-2025-24200, a vulnerability that allowed attackers to bypass USB Restricted Mode. This feature, introduced in 2018 to protect locked iDevices, could be disabled, potentially exposing user data. Another significant fix addresses CVE-2025-24201, a flaw in the WebKit engine that allowed malicious web content to escape Safari's sandbox. Additionally, macOS Ventura received a patch for CVE-2025-24085, a privilege escalation vulnerability in CoreMedia. These updates are now available for iOS versions 16.7.11 and 15.8.4, iPadOS versions 16.7.11 and 15.8.4, and macOS Ventura 13.7.5.

Recommended read:
References :
Pierluigi Paganini@Security Affairs //

Apple Patches Exploited Zero-Days for Older Devices - Apple released security updates for older iPhones and Macs, patching actively exploited zero-day vulnerabilities that could allow privilege elevation or arbitrary code execution.
Apple has released security updates to address actively exploited zero-day vulnerabilities impacting older iPhones and Macs. The patches aim to fix flaws that could allow malicious actors to elevate privileges or execute arbitrary code on affected devices. These updates address CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085, and are now available for iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, iPadOS 16.7.11, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5.

The vulnerabilities include a use-after-free bug in the Core Media component (CVE-2025-24085), an authorization issue in the Accessibility component (CVE-2025-24200), and an out-of-bounds write issue in the WebKit component (CVE-2025-24201). Apple addressed the flaw in iOS 18.3.1, iPadOS 18.3.1, and 17.7.5, released on February 10, 2025. CVE-2025-24200 specifically allowed attackers with physical access to locked devices to disable USB Restricted Mode. Users of older devices, including iPhone 6s, iPhone 7, iPhone 8, iPhone X, iPad Air 2, and various iPad Pro models, are urged to update their systems to safeguard against potential threats.

Recommended read:
References :

Posts

Blogs

Research Tools