• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4

  • Subject: APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4
  • From: Apple Product Security via Security-announce <email@hidden>
  • Date: Mon, 31 Mar 2025 16:07:16 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4

iOS 15.8.4 and iPadOS 15.8.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122345.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch
(7th generation)
Impact: A physical attack may disable USB Restricted Mode on a locked
device. Apple is aware of a report that this issue may have been
exploited in an extremely sophisticated attack against specific targeted
individuals.
Description: An authorization issue was addressed with improved state
management.
CVE-2025-24200: Bill Marczak of The Citizen Lab at The University of
Toronto’s Munk School

WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch
(7th generation)
Impact: Maliciously crafted web content may be able to break out of Web
Content sandbox. This is a supplementary fix for an attack that was
blocked in iOS 17.2. (Apple is aware of a report that this issue may
have been exploited in an extremely sophisticated attack against
specific targeted individuals on versions of iOS before iOS 17.2.)
Description: An out-of-bounds write issue was addressed with improved
checks to prevent unauthorized actions.
WebKit Bugzilla: 285858
CVE-2025-24201: Apple

This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/

iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting
Don't Install will present the option the next time you connect
your iOS device.

The automatic update process may take up to a week depending on
the day that iTunes or the device checks for updates. You may
manually obtain the update via the Check for Updates button
within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

* Navigate to Settings
* Select General
* Select About. The version after applying this update will be
"iOS 15.8.4 and iPadOS 15.8.4".

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmfrHakACgkQX+5d1TXa
Ivob6g/7ByZnFmxF8k0zthvkKN/BxLdqLO74K1tBTWeFhnJ86+0v39vnclThwjFb
JKBsyuoWwBr+x7ZEbbPi+ILUEnw9EsYdBpPsikyvP90cMRkoEJmGDf6NXpvTDmdh
yaKgqOaZBt5NpWUMQ0I4b6eUOAjqoDtIDP06kXsrd0/073/mDKZJqPjhYABevwgb
lHRRk/tSrRZ3/oTQ/Y/Ed8f7isOjPjdnLaszs9iUzEhySD53ZW169fqH20NY9qdf
b/G+be2xL6Ba6CuDXb/v/16CfCKtYMTAXPpLjzcg2M3qf5LaTYYC3zCfZ8J3d35h
bFgQrnKOE3cpVaKKtzVlLouopM+ROvy7S7Lt/rLb1/HqSfg5NMkGuvXh2m92XwqF
b8OAk5V0iimcRsmfwYLsrvkLg642g2pCP5ZPP2GJMqHwOdveSbmP1Jn/ckEMpvHm
wQmv5gIOH173zrjkyeG9xrJupCUBycWxQXGwOnX5bhFu+w7MYmptRKx+SXdWcqsO
aQueWPpTPDiOFRwuu21x+R/FzM5ZxOXQ+k11u3YuXFpPfGD2dSNIJp9ObmLACuE4
uGX4AT5NJSAnDmoAxEiOwdhFrSyl6xO7w2iz9im0bkx+vi5XiWZtpJzdN8Rv/oZK
VMTCdIpYwads8GaYIgRtYKriCDk3Po0j5KsPmJTqenkvmu+AA54=
=CAQu
-----END PGP SIGNATURE-----

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Prev by Date: APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11
  • Next by Date: APPLE-SA-03-31-2025-7 macOS Sequoia 15.4
  • Previous by thread: APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11
  • Next by thread: APPLE-SA-03-31-2025-7 macOS Sequoia 15.4
  • Index(es):
    • Date
    • Thread