Apple released iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 today to address a zero-day exploit that might allow attackers to access data on a locked device.The update patches the OS against an attack on USB Restricted Mode, which Apple first implemented in devices with the release of iOS 11.4.1 in 2018, to prevent attempts to bypass device passcodes and get around the encryption safeguards that protect users data. According to Apple, the exploit reported by Bill Marczak of The Citizen Lab may have been exploited in an extremely sophisticated attack against specific targeted individuals.Apple has patched flaws in USB Restricted Mode before, and in iOS 18, it added a new inactivity reboot that would restart unused devices after a few days so that they require a passcode for access. Today, it also issued new updates for the Mac, Apple Watch, and Vision Pro platforms but has not yet released any security notes to go along with those.Apples details about the new update:iOS 18.3.1 and iPadOS 18.3.1Released February 10, 2025AccessibilityAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and laterImpact: A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.Description: An authorization issue was addressed with improved state management.