Apple Urges Urgent Update as Image File Bug Hits iPhone, iPad, and Mac Users
The National Computer Emergency Response Team (NCERT) has raised a critical alert over a newly discovered zero-day flaw in Apple's ImageIO framework, tracked as CVE-2025-43300. The vulnerability, now confirmed to be under active exploitation, lets attackers overwrite system memory simply by getting a user to open a malicious image file, potentially giving them complete control over iPhones, iPads, and MacBooks.
NCERT has classified the issue as high-risk, warning that it could lead to memory corruption, unauthorized access, and data exposure. Attackers can remotely trigger the flaw without needing special permissions, making it especially dangerous for both individuals and enterprise users.
Apple has responded quickly, releasing urgent security patches to mitigate the threat. The vulnerability first appeared in iOS 17.4 and continues to affect later versions of Apple’s operating systems. NCERT advises immediate updates to iOS and iPadOS 18.6.2, and macOS Sequoia 15.6.1, Ventura 13.7.8, or Sonoma 14.7.8.
For users who cannot update right away, NCERT recommends avoiding unknown image files, disabling automatic image rendering, and monitoring system logs for suspicious memory activity or crashes.
While no official indicators of compromise (IoCs) have been published yet, organizations are urged to maintain heightened vigilance. NCERT suggests enabling automatic updates, enforcing patch compliance through MDM tools, and strengthening endpoint monitoring to spot potential exploit attempts involving image files.
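The patch-compliance check recommended above can be run against an MDM inventory export. The following is an added example, not code from NCERT, Apple, or any MDM product; the CSV column names and device names are constructed assumptions, and the fixed versions are the ones listed in this article.

```python
import csv
import io

# Minimum fixed releases exactly as listed in the article above,
# keyed by (platform, major version).
FIXED = {
    ("iOS", 18): (18, 6, 2),
    ("iPadOS", 18): (18, 6, 2),
    ("macOS", 15): (15, 6, 1),   # Sequoia
    ("macOS", 14): (14, 7, 8),   # Sonoma
    ("macOS", 13): (13, 7, 8),   # Ventura
}

# Constructed sample of an MDM inventory export; column names are assumptions.
SAMPLE_EXPORT = """device,platform,os_version
iphone-014,iOS,18.6.2
iphone-022,iOS,18.5
ipad-003,iPadOS,17.7
mbp-101,macOS,15.6
mbp-102,macOS,14.7.8
imac-007,macOS,13.7.10
"""

def parse_version(text):
    """Turn '18.6' into (18, 6, 0) so versions compare numerically, not as strings."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def classify(platform, os_version):
    """Return 'patched', 'needs_update', or 'unlisted' for one device."""
    version = parse_version(os_version)
    fixed = FIXED.get((platform, version[0]))
    if fixed is None:
        # The article names no fixed release for this branch: review by hand.
        return "unlisted"
    return "patched" if version >= fixed else "needs_update"

def audit(export_text):
    """Map device name -> status for every row of the inventory export."""
    rows = csv.DictReader(io.StringIO(export_text))
    return {r["device"]: classify(r["platform"], r["os_version"]) for r in rows}

if __name__ == "__main__":
    for device, status in audit(SAMPLE_EXPORT).items():
        print(f"{device:12} {status}")
```

Devices reported as `unlisted` run a major version for which this article gives no fixed release, so they need a manual check against Apple's own security release notes.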
The reporter suggests that this latest vulnerability underscores the growing trend of image-based cyberattacks, where a single photo can compromise an entire device, reminding Apple users that prompt patching is their best defense.
