Update Your iGear! Apple Addresses Dozens of Security Issues Across the Board

Apple has issued a round of updates across its entire product lineup to address dozens of security weaknesses.

Almost a month after addressing nasty software flaws said to be exploited by attackers, Apple is rolling out a new batch of updates that address dozens of newly discovered bugs.

As always, Bitdefender recommends users prioritize these updates.

iOS 18.5 and iPadOS 18.5

Available for most iPhones and iPads in circulation, iOS 18.5 and iPadOS 18.5 address more than 30 security issues in FaceTime, iCloud,  Mail, Notes, WebKit, Security, and the underlying OS Kernel and other key areas.

None of the flaws are actively exploited – at least not to Apple’s knowledge. However, now that the list of issues is public, iPhone and iPad users should update as soon as possible.

The update is available for iPhone XS and newer models, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and newer, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and newer, iPad 7th generation and newer, and iPad mini 5th generation and newer.

iPadOS 17.7.7

For tablet owners still running the previous generation OS, Apple offers iPadOS 17.7.7 to address issues in areas like AirDrop, Security, Mail, and FaceTime, as well as in areas responsible for processing media files, like CoreAudio, CoreGraphics, CoreMedia, and AppleJPEG.

The update targets users of iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation.

macOS Sequoia 15.5, macOS Sonoma 14.7.6, and macOS Ventura 13.7.6

Since Apple products share underlying software components, the updates released for Mac users address virtually the same flaws, plus a few Mac-specific ones.

Notably, the updates on the Mac side address multiple issues in the Security department, including one tracked as CVE-2025-31213 where “An app may be able to access associated usernames and websites in a user's iCloud Keychain.”

Users who may need to postpone updating their Macs – for example, to finish work before restarting – can at least address all the WebKit issues by deploying Safari 18.5.

watchOS 11.5, tvOS 18.5, visionOS 2.5

Similar bugs are addressed in the Apple Watch, the Apple TV media center and the Apple Vision headset – albeit fewer.

Notably, the advisory for Apple Watch users lists a vulnerability said to have been exploited in the wild, but on iOS – the operating system powering iPhones.

Apple says it has received word of a report that “this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS released before iOS 18.4.1.”

Apple discovered the CoreAudio flaw, tracked as CVE-2025-31200, with the help of Google’s Threat Analysis Group.

According to the description, “Processing an audio stream in a maliciously crafted media file may result in code execution.”

In other words, an attacker can exploit the flaw to run commands on the vulnerable device, including malicious code.

As of today, Apple users will want the following versions installed:

·      iOS 18.5 and iPadOS 18.5 – for iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.

·      iPadOS 17.7.7 – for iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation

·      macOS Sequoia 15.5

·      macOS Sonoma 14.7.6

·      macOS Ventura 13.7.6

·      watchOS 11.5 – for Apple Watch Series 6 and newer models

·      tvOS 18.5 – for Apple TV HD and Apple TV 4K (all models)

·      visionOS 2.5 – for the Apple Vision Pro

·      Safari 18.5 – for macOS Ventura and macOS Sonoma

For peace of mind, run a dedicated security solution on all your personal devices. On iOS and macOS, keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might be targeting you.