Apple has rolled out iOS 18.6.2, a security update addressing one high-impact vulnerability, tracked as CVE-2025-43300. The flaw stems from how applications handle image file formats, allowing a malicious image to trigger memory corruption when processed.
The flaw has been exploited in “extremely sophisticated” attacks against “specific targeted individuals,” which strongly suggests the iOS 18.6.2 patch may have shut down a vulnerability already used in spyware campaigns.
Adam Boynton, senior security strategy manager at Jamf, warns that even though exploitation seems targeted, all users should update their devices to the latest version immediately. Here’s what he has to say about iOS 18.6.2:
“The fix in iOS 18.6.2 addresses a flaw in Apple’s ImageIO framework, which enables devices to read and write a wide range of image file formats. CVE-2025-43300 could allow an attacker to trigger memory corruption if a user opens a malicious image file, potentially enabling malicious code execution and compromise of the iPhone.
Apple has indicated that this vulnerability has been exploited in sophisticated, targeted attacks, which typically focus on individuals with highly valued access or contacts, such as journalists, lawyers, activists, and government officials. While Apple has not confirmed whether this specific flaw was linked to spyware, similar vulnerabilities in ImageIO and WebKit have previously been used in Pegasus campaigns.
Even though the exploitation appears targeted, we recommend that all users update to iOS 18.6.2 immediately, particularly those in industries most at risk of spyware attacks.”
