Apple has issued an urgent advisory urging customers to upgrade their devices and patch a dangerous zero-click vulnerability that affects iPhones, iPads, and Macs. The issue has been corrected in the current versions of macOS and iOS. The vulnerability allows attackers to compromise devices without requiring user involvement, posing a substantial risk to crypto holders.
The vulnerability is found in Apple's image I/O framework, which handles image files. A malicious image can exploit an out-of-bounds memory write, enabling attackers to execute unauthorized code and gain control of a device. This can result in the theft of crypto wallet data, making owners great targets for sophisticated cyberattacks.
Experts warn that attackers can deploy the exploit via iMessage attachments, which are automatically processed. If a high-value target suspects a compromise, they should promptly migrate wallet keys and secure primary accounts such as email and cloud services.
While most users may struggle to discover exploitation, Apple is continually monitoring for threats and may notify impacted users. Protecting sensitive data and preventing irreparable financial losses requires the prompt installation of the most recent security patches.
