Apple has released iOS 18.3, and if you haven’t updated your iPhone or iPad yet, now is the time. The update fixes a critical zero-day security vulnerability that Apple says “may have been actively exploited’ in earlier versions of iOS.
The Zero-Day Threat
The most serious flaw fixed by this update, tracked as CVE-2025-24085, is in CoreMedia, a fundamental part of iOS responsible for handling media playback. According to Apple, this vulnerability could allow a malicious application to elevate its privileges, potentially giving an attacker deeper access to the device. Even more concerning, Apple acknowledges that this issue may have already been exploited in attacks targeting devices running iOS versions prior to 17.2.
The vulnerability stems from a use-after-free memory management issue, which Apple has mitigated with improved memory handling in iOS 18.3.
Photos App Lock Bypass
Another major security flaw fixed in iOS 18.3 is CVE-2025-24141, which could allow an attacker with physical access to an unlocked iPhone or iPad to bypass the Photos app’s lock and view images without proper authentication. While this requires hands-on access to the device, it is a significant privacy concern for users.
Read more: How to View All the Devices Linked to Your iPhone
Why You Should Update Now
Zero-day vulnerabilities are particularly dangerous because they are actively exploited before a fix becomes available. If you are using an older version of iOS, your device could be at risk of being targeted. Updating to iOS 18.3 ensures you are protected against these threats, as well as other security and bug fixes included in the release.
Apple’s full release notes for iOS 18.3 are available here. To update your device, go to Settings > General > Software Update and install iOS 18.3 as soon as possible.
[Image credit: Screenshot via Techlicious, iPhone mockup via Canva]
