![Samsung's New Galaxy S25 Edge Takes Aim at 'iPhone 17 Air' [Video]](https://www.iclarified.com/images/news/97276/97276/97276-640.jpg)
![Apple to Launch AI-Powered Battery Saver Mode in iOS 19 [Report]](https://www.iclarified.com/images/news/97309/97309/97309-640.jpg)
![Apple Officially Releases macOS Sequoia 15.5 [Download]](https://www.iclarified.com/images/news/97308/97308/97308-640.jpg)
![Walmart’s $30 Google TV streamer is now in stores and it supports USB-C hubs [Video]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2025/05/onn-4k-plus-store-reddit.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
_Piotr_Adamowicz_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![Ditching a Microsoft Job to Enter Startup Purgatory with Lonewolf Engineer Sam Crombie [Podcast #171]](https://cdn.hashnode.com/res/hashnode/image/upload/v1746753508177/0cd57f66-fdb0-4972-b285-1443a7db39fc.png?#)
-Fallout-Season-2-Teaser-00-00-36.png?width=1920&height=1920&fit=bounds&quality=70&format=jpg&auto=webp#)
Apple Security Update: Multiple Vulnerabilities in macOS & iOS Patched
Apple has released critical security updates for macOS Sequoia, addressing multiple vulnerabilities that could allow malicious applications to access sensitive user data. The update, macOS Sequoia 15.5, fixes eight major Important flaws that specifically target user privacy and data security across various system components. According to Apple’s security advisory, the update addresses vulnerabilities affecting components […] The post Apple Security Update: Multiple Vulnerabilities in macOS & iOS Patched appeared first on Cyber Security News.
Apple has released critical security updates for macOS Sequoia, addressing multiple vulnerabilities that could allow malicious applications to access sensitive user data.
The update, macOS Sequoia 15.5, fixes eight major Important flaws that specifically target user privacy and data security across various system components.
According to Apple’s security advisory, the update addresses vulnerabilities affecting components including Apple Intelligence Reports, Core Bluetooth, Finder, and the privacy control system TCC (Transparency, Consent, and Control).
“For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available,” the company stated in its security content document.
However, the details released reveal concerning privacy implications if these vulnerabilities remain unpatched.
Multiple Apple Privacy Vulnerabilities Expose Sensitive User Data
One of the most notable vulnerabilities, identified as CVE-2025-31260, affects Apple Intelligence Reports.
Discovered by security researcher Thomas Völkl of TU Darmstadt, this flaw involves a permissions issue that could allow unauthorized applications to access sensitive user data.
Apple addressed this by implementing additional restrictions to prevent exploitation.
Another significant vulnerability (CVE-2025-31212) in the Core Bluetooth component, discovered by developer Guilherme Rambo, could similarly expose user data through improper state management.
The Notification Center (CVE-2025-24142) and StoreKit (CVE-2025-31242) components contained privacy issues where log entries might reveal sensitive information, potentially exposing user data.
The Sandbox component, crucial for isolating applications from each other, contained a logic issue (CVE-2025-31249) that could allow applications to bypass security boundaries and access sensitive information.
Similarly, the TCC framework, which manages privacy permissions, had an information disclosure vulnerability (CVE-2025-31250) that required improved privacy controls.
These security flaws collectively created a concerning attack surface where malicious applications could potentially harvest sensitive user data despite Apple’s normally robust privacy protections.
Security experts emphasize that these vulnerabilities highlight the increasing sophistication of potential privacy exploits in modern operating systems.
While there’s no indication these flaws were exploited in the wild before patching, the potential for data exposure remained significant.
The fact that eight different components had similar sensitive data access issues shows the challenge of maintaining privacy boundaries in feature-rich operating systems.
List of Important CVEs Addressed
| CVE Identifier | Affected Component | Description |
|---|---|---|
| CVE-2025-31260 | Apple Intelligence Reports | Permissions issue allowing unauthorized data access |
| CVE-2025-31212 | Core Bluetooth | Improper state management exposing user data |
| CVE-2025-24142 | Notification Center | Log entries could reveal sensitive information |
| CVE-2025-31242 | StoreKit | Privacy issue where logs might expose user data |
| CVE-2025-31249 | Sandbox | Logic issue allowing apps to bypass isolation boundaries |
| CVE-2025-31250 | TCC (Privacy Controls) | Information disclosure due to insufficient privacy checks |
Update Now
Apple urges all macOS Sequoia users to install the 15.5 update as soon as possible. The update can be installed through System Settings > General > Software Update.
Users who have enabled automatic updates should receive the patch without manual intervention. IT administrators should prioritize this update for enterprise environments to safeguard organizational data.
The update also addresses other critical security issues, including sandbox escapes and elevated privilege vulnerabilities that could compound the risk of data exposure.
This security release comes as Apple emphasizes privacy as a core feature of its ecosystem while balancing advanced functionality like Apple Intelligence across its platforms.
Vulnerability Attack Simulation on How Hackers Rapidly Probe Websites for Entry Points – Free Webinar
The post Apple Security Update: Multiple Vulnerabilities in macOS & iOS Patched appeared first on Cyber Security News.
