Apple has released iOS 15.8.5 and iPadOS 15.8.5 (September 15, 2025), a security-only update for legacy devices that don’t run newer iOS versions. It addresses a single ImageIO vulnerability (CVE-2025-43300) that could trigger memory corruption when processing a malicious image. Apple says there’s a report this bug may have been exploited in an extremely sophisticated, targeted attack.
Who is this for
- iPhone 6s (all models)
- iPhone 7 (all models)
- iPhone SE (1st generation)
- iPad Air 2
- iPad mini (4th generation)
- iPod touch (7th generation)
What’s fixed
- ImageIO: out-of-bounds write, mitigated with improved bounds checking (CVE-2025-43300).
What to do
If you use one of the models above, update immediately: Settings → General → Software Update. This release keeps older hardware protected even if you’re not on Apple’s newer iOS tracks.
