News

Apple urges immediate updates after zero-click image-processing flaw that risks crypto users

Apple urges immediate updates after zero-click image-processing flaw that risks crypto users
Photo by Andy Wang / Unsplash

Apple has released patches for a serious zero-click vulnerability in its image-processing framework that could let highly skilled attackers take over iPhones, iPads and Macs. The company is urging users to install the available updates as soon as possible to close the gap.

The flaw exists in Apple’s Image I/O system, which apps use to read and write many image formats. Due to an implementation error, processing a specially crafted image can trigger an out-of-bounds memory write, giving an attacker the ability to alter memory regions they shouldn’t be able to touch and — in the worst case — execute arbitrary code on the device.

Apple notes that the bug may have been exploited in targeted, sophisticated attacks. Because this is a zero-click issue, a malicious image delivered via a service such as iMessage can be processed automatically without any interaction from the user, increasing the risk of stealthy compromises.

The vulnerability was addressed in recent updates across Apple platforms, including macOS Sonoma 14.7.8, macOS Ventura 13.7.8, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 17.7.10 and 18.6.2. Users should confirm their devices are running the latest builds and install any outstanding system updates immediately.

Cybersecurity specialists warn that people who use their devices to store or sign cryptocurrency transactions are a particularly attractive target. Because blockchain transfers are irreversible and directly convert device access into financial gain, attackers have strong incentives to exploit vulnerabilities that grant access to wallet data or signing keys.

For high-value targets or anyone who suspects their device may have been targeted, experts recommend treating credentials and keys as potentially compromised: move funds to new wallet keys, secure primary accounts (email, cloud) that could be abused for account recovery, and follow a documented incident-response plan rather than acting impulsively. Patching is essential, but immediate account hardening and key rotation are critical if compromise is suspected.

For most users, checking for and applying the official Apple updates will mitigate the risk. While system logs can sometimes show signs of unusual activity, interpreting them is difficult; vendors like Apple are generally best placed to detect exploitation and, when appropriate, notify affected users directly.

Read more