![\"\"](\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/11\/Apple-software-update-red-critical-urgent-this-is-fine-bg-600x300-1.jpg\")
<\/p>\n<\/p>\n
On Monday, January 27, Apple released urgent updates for all of its operating systems. The updates add new features and address bugs. But more importantly, they fix some critical security vulnerabilities\u2014including one that was “actively exploited” in the wild.<\/p>\n
Let’s explore everything you should know about what Apple changed in these updates.<\/p>\n
In this article:<\/em><\/p>\n Available for: <\/strong>All supported Macs capable of running macOS Sequoia<\/p>\n General update information and new features:<\/strong><\/p>\n This update introduces Genmoji, powered by Apple Intelligence, and also includes other enhancements, bug fixes, and security updates for your Mac.<\/p>\n Genmoji creation in Messages and other apps<\/p>\n<\/li>\n Calculator repeats the last mathematical operation when you click the equal sign again<\/p>\n<\/li>\n Easily manage settings for notification summaries from the Lock Screen (Mac with Apple silicon)<\/p>\n<\/li>\n Updated style for summarized notifications better distinguishes them from other notifications by using italicized text as well as the glyph (Mac with Apple silicon)<\/p>\n<\/li>\n Notification summaries for News & Entertainment apps are temporarily unavailable, and users who opt-in will see them again when the feature becomes available (Mac with Apple silicon)<\/p>\n<\/li>\n<\/ul>\n Enterprise-specific details:<\/strong><\/p>\n Apple Intelligence is turned on automatically after updating to macOS 15.3 or during device setup unless MDM* skips the Apple Intelligence setup pane<\/p>\n<\/li>\n MDM can require sign-in from a specified Workspace ID for requests to external intelligence integrations such as ChatGPT<\/p>\n<\/li>\n MDM can disable transcription summarization in Notes<\/p>\n<\/li>\n AirPlay connects successfully when using the built-in firewall and a content filter extension<\/p>\n<\/li>\n Improves stability for apps over VPN connections when using the built-in firewall and a content filter extension<\/p>\n<\/li>\n<\/ul>\n *MDM is short for “mobile device management” solutions, which businesses use to manage and track Apple devices.<\/p>\n In this update, Apple addressed at least 60 vulnerabilities with CVE (Common Vulnerabilities and Exposures) numbers assigned to them. Here are a handful of notable ones:<\/p>\n AirPlay<\/strong> <\/p>\n CoreMedia<\/strong> <\/p>\n FaceTime<\/strong> <\/p>\n Messages<\/strong> <\/p>\n Spotlight<\/strong> For the full list of security patches included in macOS Sequoia 15.3, have a look here<\/a>.<\/p>\n You can get macOS Sequoia 15.3 by going to System Settings<\/strong> > Software Update<\/strong>, where compatible Macs running macOS Mojave or newer will see the Sequoia update appear. If you have a compatible Mac running macOS High Sierra or older, look for <\/a>macOS Sequoia in the App Store and download it from there.<\/p>\n We don’t know much at this time about the “actively exploited” (zero-day) vulnerability, CVE-2025-24134. Besides the description above, we only know that macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3, tvOS 18.3, and visionOS 2.3 include fixes for this bug.<\/p>\n Apple released the referenced iOS 17.2 in December 2023, meaning this vulnerability was used in the wild at least 13 months before Apple finally assigned a CVE number and made the patch available. It’s possible that CVE-2025-24134 may have been used as <\/a>part of an exploit chain leveraged by Pegasus<\/a> or similar nation-state caliber spyware.<\/p>\n Note that Apple originally listed 61 CVEs in macOS Sequoia 15.3, but later removed the following CVE from the patch notes for all operating systems. Apparently, based on notes<\/a> in NIST’s National Vulnerability Database, Apple must have quietly “withdrawn” this CVE:<\/p>\n libxslt<\/strong> <\/a>Intego has requested details about why Apple withdrew this CVE, and will update this article if anyone provides an answer.<\/p>\n Available for: <\/strong>All supported Macs currently running macOS Sonoma<\/p>\n Security fixes:<\/strong> For the list of security patches included in Sonoma 14.7.3, have a look here<\/a>.<\/p>\n You can get this update by going to System Settings<\/strong> > Software Update<\/strong>.<\/a><\/p>\n Available for: <\/strong>All supported Macs currently running macOS Ventura<\/p>\n Security fixes:<\/strong> For the list of security patches included in Ventura 13.7.3, have a look here<\/a>.<\/p>\n You can get this update by going to System Settings<\/strong> > Software Update<\/strong>.<\/a><\/p>\n Available for: <\/strong>macOS Sonoma and macOS Ventura<\/p>\n This update addresses at least seven issues with CVEs assigned, with no “additional recognitions” listed. You can read about these patches here<\/a>.<\/p>\n You can get this update via System Settings<\/strong> > Software Update<\/strong> on your Mac.<\/a><\/p>\n Available for:<\/strong> General update information and new features:<\/strong><\/p>\n Visual intelligence with Camera Control (All iPhone 16 models): Notification summaries (All iPhone 16 models, iPhone 15 Pro, iPhone 15 Pro Max): Other enhancements and bug fixes: In this update, Apple addressed at least 28 vulnerabilities with CVEs assigned. Most of them are the same as those found in the other OS updates. Notable fixes specific to iOS and iPadOS include:<\/p>\n Accessibility<\/strong> <\/p>\n Managed Configuration<\/strong> <\/p>\n Passkeys<\/strong> The details of the security issues that were addressed can be found here<\/a>. To get this latest update, connect your device to your Mac and follow the update prompts. You can also download these updates over the air by going to Settings<\/strong> > General<\/strong> > Software Update<\/strong> on your device.<\/a><\/p>\n Available for:\u00a0<\/strong>iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation<\/p>\n Security fixes and updates:<\/strong><\/p>\n This update addresses 17 issues, most of them the same as those addressed in the iPadOS 18 update.<\/p>\n The full list of security issues that were addressed can be found here<\/a>. To get your hands on this latest update, connect your device to your Mac and follow the update prompts. You can also download these updates over the air by going to Settings<\/strong> > General<\/strong> > Software Update<\/strong> on your device.<\/p>\n Interestingly, Apple did not release an update for iOS 17, and has not since November 2024; Apple also skipped iOS 17 in December when the company released iPadOS 17.7.3. It is likely that iOS 17 won’t see any more security updates going forward. This is a logical move, as all iPhones that can run iOS 17 are capable of running iOS 18; meanwhile, Apple cut off some iPads from iPadOS 18.<\/a><\/p>\n Available for: <\/strong>Apple Watch Series 6 and later<\/p>\n Security-related fixes and updates: The full list of security issues that were addressed can be found here<\/a>. To install this update, make sure your iPhone is up to date first, both your phone and watch are connected to the same Wi-Fi network, and the watch has at least a 50% charge. Then open the Watch app on your phone and tap General<\/strong> > Software Update<\/strong>.<\/a><\/p>\n Available for: <\/strong>Apple TV HD and Apple TV 4K (all models)<\/p>\n Security-related fixes and updates:<\/strong> The full list of security issues that were addressed can be found here<\/a>. To install this update, go to Settings > System > Software Updates<\/strong> on your Apple TV.<\/a><\/p>\n Available for:<\/strong> Apple Vision Pro<\/p>\n Security-related fixes and updates:<\/strong> The full list of security issues that were addressed can be found here<\/a>. To install this update, go to Settings > General > Software Update<\/strong><\/a><\/p>\n Though some of the following shouldn’t come as a big surprise, Apple did not release security updates for any of the following operating systems this month:<\/p>\n With the exception of iOS 17, each of these operating systems was a cutoff point for some hardware; some devices are stuck with these OS versions and cannot be upgraded to the current ones. However, all devices currently running iOS 17 are capable of running iOS 18; owners should install the free upgrade.<\/p>\n If you have an older device that cannot be upgraded to the latest version of iOS or iPadOS (18.x) or watchOS (11.x), you should strongly consider purchasing a newer model. The latest models of iPhone, iPad, and Apple Watch can run the newest operating systems, and can thus get all available security updates.<\/a><\/p>\n If you haven’t yet upgraded to macOS Sequoia<\/strong>, be sure to first update your critical software. For example, run Intego’s NetUpdate utility and install all available updates, and then check for updates for all other software that you use regularly. Next, check for macOS updates by going to System Settings > General > Software Update.<\/p>\n If you have any trouble getting the macOS update to show up, either press \u2318R at the Software Update screen, or type in the Terminal Note that only the latest macOS version (currently, that’s macOS Sequoia) is ever fully patched<\/strong>; older macOS versions only get a subset of those patches and remain vulnerable. Therefore, staying on the latest macOS version is critically important for maintaining your security and privacy. For more information, see our article, “When does an old Mac become unsafe to use?<\/a>”<\/p>\n <\/p>\n Users of iPhone or iPad<\/strong> can open the Settings app and choose General > Software Update to update iOS or iPadOS on their devices. (This is called an “over the air” or OTA update.) Alternatively, you can connect your device to your Mac, click on the device name in a Finder window sidebar, and check for updates there; or, if you use a Windows PC, you can use the Apple Devices app<\/a>.<\/p>\n To update watchOS on your Apple Watch<\/strong>, the process is a bit more complicated. First, update your iPhone to the latest iOS version. Next, ensure that both your iPhone and Apple Watch are on the same Wi-Fi network. Your Apple Watch also needs to have at least a 50% charge. Then open the Watch app on your iPhone and tap General > Software Update.<\/p>\n To update tvOS on your Apple TV<\/strong>, open the Settings app and choose System > Software Updates.<\/p>\n Although Apple doesn’t list HomePod Software<\/strong> on its security updates page, its operating system (sometimes called audioOS) gets updates, too; the OS build numbers<\/a> are identical to tvOS, and presumably include the same updates. Your HomePod should update automatically. However, if you would like to update your HomePod or HomePod mini’s operating system manually, you can go into the Home<\/strong> app on your iPhone or iPad, then tap the\u00a0House icon<\/strong> > Home Settings<\/strong> > Software Update<\/strong> > temporarily disable (toggle off) Install Updates Automatically<\/strong> > then tap Install<\/strong>. After updating, remember to re-enable the Install Updates Automatically<\/strong> setting.<\/p>\n <\/p>\n Whenever you’re preparing to update macOS, iOS, or iPadOS, it’s a good idea to always back up your data<\/strong> before installing any updates. This gives you a restore point if something does not go as planned. See our related article on how to check your macOS backups to ensure they work correctly<\/a>.<\/p>\n How to Verify Your Backups are Working Properly<\/a><\/p><\/blockquote>\n\n
\n
macOS Sequoia 15.3<\/h3>\n
\n
\n
Security fixes in macOS Sequoia 15.3<\/strong><\/h4>\n
\n
\nImpact: An attacker in a privileged position may be able to perform a denial-of-service
\nDescription: The issue was addressed with improved memory handling.
\nCVE-2025-24131: Uri Katz (Oligo Security)<\/p>\n
\nImpact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.<\/span><\/strong>
\nDescription: A use after free issue was addressed with improved memory management.
\nCVE-2025-24085<\/p>\n
\nImpact: An app may be able to access user-sensitive data
\nDescription: An information disclosure issue was addressed with improved privacy controls.
\nCVE-2025-24134: Kirin (@Pwnrin)<\/p>\n
\nImpact: An app may be able to access user-sensitive data
\nDescription: This issue was addressed with improved redaction of sensitive information.
\nCVE-2025-24101: Kirin (@Pwnrin)<\/p>\n
\nImpact: A malicious application may be able to leak sensitive user information
\nDescription: This issue was addressed through improved state management.
\nCVE-2025-24138: Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova<\/p>\n<\/blockquote>\nDetails about the zero-day vulnerability, CVE-2025-24134<\/strong><\/h4>\n
Apple silently removed CVE-2025-24166 from the patch notes<\/strong><\/h4>\n
\nFormerly listed as patched in: macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, and visionOS 2.3
\nImpact: Processing maliciously crafted web content may lead to an unexpected process crash
\nDescription: This issue was addressed through improved state management.
\nCVE-2025-24166: Ivan Fratric of Google Project Zero<\/p><\/blockquote>\nmacOS Sonoma 14.7.3<\/h3>\n
\nIn this update, Apple addressed at least 41 vulnerabilities with CVEs assigned. Most of them are the same as those found in the Sequoia update.<\/p>\nmacOS Ventura 13.7.3<\/h3>\n
\nIn this update, Apple addressed at least 31 vulnerabilities with CVEs assigned. Most of them are the same as those found in the Sequoia update.<\/p>\nSafari 18.3 for macOS Ventura and Sonoma<\/h3>\n
iOS 18.3 and iPadOS 18.3<\/h3>\n
\niPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later<\/p>\n
\n\u2022 Add an event to Calendar from a poster or flyer
\n\u2022 Easily identify plants and animals<\/p>\n
\n\u2022 Easily manage settings for notification summaries from the Lock Screen
\n\u2022 Updated style for summarized notifications better distinguishes them from other notifications by using italicized text as well as the glyph
\n\u2022 Notification summaries for News & Entertainment apps are temporarily unavailable, and users who opt-in will see them again when the feature becomes available<\/p>\n
\n\u2022 Calculator repeats the last mathematical operation when you tap the equals sign again
\n\u2022 Fixes an issue where the keyboard might disappear when initiating a typed Siri request
\n\u2022 Resolves an issue where audio playback continues until the song ends even after closing Apple Music<\/p>\nSecurity fixes in iOS 18.3 and iPadOS 18.3<\/strong><\/h4>\n
\n
\nImpact: An attacker with physical access to an unlocked device may be able to access Photos while the app is locked
\nDescription: An authentication issue was addressed with improved state management.
\nCVE-2025-24141: Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India<\/p>\n
\nImpact: Restoring a maliciously crafted backup file may lead to modification of protected system files
\nDescription: This issue was addressed with improved handling of symlinks.
\nCVE-2025-24104: Hichem Maloufi, Hakim Boukhadra<\/p>\n
\nImpact: An app may gain unauthorized access to Bluetooth
\nDescription: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
\nCVE-2024-9956: mastersplinter<\/p>\n<\/blockquote>\niPadOS 17.7.4<\/h3>\n
watchOS 11.3<\/h3>\n
\n<\/strong>Apple addressed at least 17 vulnerabilities with CVEs in this update, mostly the same as in the other OS updates.<\/p>\ntvOS 18.3<\/h3>\n
\nApple addressed at least 17 vulnerabilities with CVEs in this update, mostly the same as in the other OS updates.<\/p>\nvisionOS 2.3<\/h3>\n
\nApple addressed at least 20 vulnerabilities with CVEs in this update, mostly the same as in the other OS updates.<\/p>\nWhat Apple didn’t patch<\/h3>\n
\n
How to install Apple security updates<\/h3>\n
For macOS updates<\/strong><\/h4>\n
softwareupdate -l<\/code> (that\u2019s a lowercase L) and press Return\/Enter, then check System Settings > General > Software Update again.<\/p>\nFor other Apple OS updates<\/strong><\/h4>\n
It’s wise to back up before updating<\/strong><\/h4>\n