On Monday, February 10, Apple released urgent security updates for iOS and iPadOS. The updates address a single “actively exploited” (i.e. in-the-wild, or zero-day) vulnerability.
Apple also released updates for macOS, watchOS, and visionOS. Let’s take a look at what we know—and what we don’t know—about these updates.
Available for: All supported iPads capable of running iPadOS 18 or iPadOS 17
In these updates, Apple addressed a single vulnerability:
Accessibility
Impact: A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Description: An authorization issue was addressed with improved state management.
CVE-2025-24200: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School
Apple introduced USB Restricted Mode as a security feature in iOS 11.4.1; it’s included in all later versions of iOS and iPadOS, as well. USB Restricted Mode prevents locked devices from leaking data to any accessories connected to the USB-C or Lightning port.
In other words, for any accessory (that does more than charging) to work with your iPhone or iPad, your device needs to be unlocked at the time you connect it.
This helps prevent, for example, hacker tools like Grayshift’s GrayKey from being able to break into a locked device. Such hacker tools are mostly available to government and law enforcement agencies, but it’s possible for them to fall into the wrong hands.
Apple released other operating system updates on Monday, too, as follows:
Strangely, Apple has not made it clear what these updates contain.
The company says generically that the other updates provide “important security fixes” and are “recommended for all users.” However, Apple’s security releases page says that each of these updates “has no published CVE entries.”
CVE stands for Common Vulnerabilities and Exposures. Apple assigns CVE numbers to most vulnerabilities in its products. This is useful to researchers and IT administrators; they can track whether a specific vulnerability exists across multiple products.
So if this round of updates doesn’t address any CVE-numbered vulnerabilities, why does Apple say the updates contain “important security fixes”? Perhaps Apple addressed other security issues—which Apple deemed too insignificant to justify assigning a CVE.
Or, perhaps more likely, Apple just copied and pasted boilerplate text, but didn’t actually make security improvements. If anything else had changed, one might expect Apple to note some “Additional recognitions” in its iOS and iPadOS security release notes. Because of commonalities between the code base of each OS, the absence of this section from the iOS and iPadOS security notes seems to imply a copy-paste job in the general release notes for each of this week’s Mac, Apple Watch, and Apple Vision Pro operating system updates.
Notably absent from this week’s round of updates were Apple TV’s tvOS, and HomePod Software (also known as audioOS).
If you haven’t yet upgraded to macOS Sequoia, be sure to first update your critical software. For example, run Intego’s NetUpdate utility and install all available updates, and then check for updates for all other software that you use regularly. Next, check for macOS updates by going to System Settings > General > Software Update.
If you have any trouble getting the macOS update to show up, either press ⌘R at the Software Update screen, or type in the Terminal softwareupdate -l (that’s a lowercase L) and press Return/Enter, then check System Settings > General > Software Update again.
Note that Apple only ever fully patches the latest macOS version (currently, that’s macOS Sequoia); older macOS versions only get a subset of those patches and remain vulnerable. Therefore, staying on the latest macOS version is critically important for maintaining your security and privacy. For more information, see our article, “When does an old Mac become unsafe to use?”
Users of iPhone or iPad can open the Settings app and choose General > Software Update to update iOS or iPadOS on their devices. (This is called an “over the air” or OTA update.) Alternatively, you can connect your device to your Mac, click on the device name in a Finder window sidebar, and check for updates there; or, if you use a Windows PC, you can use the Apple Devices app.
Similarly, users of Apple Vision Pro can open the Settings app and choose General > Software Update to update visionOS.
To update watchOS on your Apple Watch, the process is a bit more complicated. First, update your iPhone to the latest iOS version. Next, ensure that both your iPhone and Apple Watch are on the same Wi-Fi network. Your Apple Watch also needs to have at least a 50% charge. Then open the Watch app on your iPhone and tap General > Software Update.
Whenever you’re preparing to update macOS, iOS, or iPadOS, it’s a good idea to always back up your data before installing any updates. This gives you a restore point if something does not go as planned. See our related article on how to check your macOS backups to ensure they work correctly.
See also our article on how to back up your iPhone or iPad to iCloud and to your Mac.
Should you back up your iPhone to iCloud or your Mac? Here’s how to do both
You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: 
