Attackers shifting to core image services: Attackers seem to be moving their focus to image processing modules in core system software, rather than going after obvious network-facing services or applications. Last week, Samsung patched a critical bug (CVE-2025-21043) affecting its supplied image library ‘libimagecodec.quram.so’ that allowed remote code execution via a crafted image with zero user interaction.

Because image-parsing frameworks are deeply embedded in how devices handle everything from messaging to media galleries, these kinds of exploits can lurk quietly, built into seemingly harmless actions.

Users are advised to update not just their phones and tablets but also any related devices that share the ImageIO or equivalent image processing modules. It is safe to assume the bug has no workaround, since ImageIO is a core framework and users can’t disable or replace it. The only realistic mitigation is installing the update.

Apple has addressed eight zero-days so far in 2025, having fixed a total of six in 2024. The Cupertino giant had fixed twenty such bugs a year ago, including the notorious RCE bugs CVE-2023-32434 and CVE-2023-32435, allegedly used in a spy campaign, Operation Triangulation, against Russia.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4058589/apple-patches-critical-zero-day-in-imageio-amid-reports-of-targeted-exploits.html

