Millions of Apple users were today urged to update their devices after the firm disclosed serious security vulnerabilities for iPhones and iPads.
The tech giant has released emergency security updates revealing that it has been hit by targeted and ‘extremely sophisticated’ attacks.
The hacks could potentially allow attackers to take complete control of devices that haven’t downloaded the latest security patch.
The affected devices are the iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.
The updates, iOS 18.3.1 and iPadOS 18.3.1, also applies to the iPad mini 5th generation and later.
‘A physical attack may disable USB Restricted Mode on a locked device,’ the company revealed in an advisory targeting iPhone and iPad users.
‘Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.’
Billions of Apple users were today urged to update their devices after the firm disclosed serious security vulnerabilities for iPhones and iPads that could potentially allow attackers to take complete control of them
Apple’s explanation of the vulnerability means a hacker could get ‘full admin access’ to the device, which would allow intruders to impersonate the device’s owner and subsequently run any software in their name.
Updating your iPhones and iPads will ensure that any cybercriminals will not be able to use any of the flaws highlighted in this update against your device.
This is why it is so important to update your device to the latest version of iOS as soon as you can.
Your browser does not support iframes.
So far, there have been no confirmed reports of specific cases where the security flaw had been used against people or devices, and Apple has made no statement on the issue further to an update on its website.
USB Restricted Mode is a security feature – introduced almost seven years ago in iOS 11.4.1 – is meant to make apples devices inaccessible to third-party software after the screen has been locked for one hour.
This means that law enforcement, hackers or any one else who wants to copy the contents of your phone to a computer, flash drive or similar device are out of luck.
![Apple's explanation of the vulnerability means a hacker could get 'full admin access' to the device](https://i.dailymail.co.uk/1s/2025/02/10/20/95067977-14382089-image-a-47_1739218346319.jpg)
Apple’s explanation of the vulnerability means a hacker could get ‘full admin access’ to the device
It was launched in response to technology from a shadowy firm that was designed to unlock any iPhone.
‘GrayKey’, developed by Grayshift, works by connecting the iPhone to the box via a USB cable.
Then, after anywhere from two hours to three days, the phone will display a black screen showing the device’s passcode and other information, according to Malwarebytes.
GrayKey has previously attracted criticism from privacy advocates, as well as cyber security experts, who warned the technology could also fall into the hands of thieves if it ends up on the black market.
Grayshift is run by US intelligence agency contractors and an ex-Apple security engineer.