Apple has released its first zero-day patch of 2025 addressing a critical vulnerability that was actively being exploited on iOS devices, SC Media reports.The flaw, tracked as CVE-2025-24085, was classified as a "use after free" issue or memory corruption bug that could let attackers execute malicious code or crash devices. The patch for it is included in updates for visionOS 2.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, and tvOS 18.3.Security experts highlighted the risks posed by such vulnerabilities, including one that was also patched in iOS 18.3 and affected Apple’s CoreMedia framework. Attackers could exploit the flaw via a fake app designed to manipulate media files and potentially gain unauthorized access to sensitive user data."Users who don’t update from older iOS versions remain at risk of exploitation, including unauthorized data access, financial loss, and erosion of user privacy," said Sylvain Cortes, vice president of strategy at Hackuity. "These vulnerabilities could allow attackers to execute arbitrary code, access sensitive or confidential information and compromise the security of both personal and corporate data."