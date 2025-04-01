Apple¤¬½ÅÍ×¤ÊÀÈ¼åÀ¤ò½¤Àµ¤·¤¿¡ÖiPadOS 17.7.6¡×¤òÄó¶¡³«»Ï¡ªiPad¡ÊÂè6À¤Âå¡Ë¤äiPad Pro¤Î10.5¥¤¥ó¥Á¤È12.9¥¤¥ó¥Á¡ÊÂè2À¤Âå¡Ë¸þ¤±
|Apple¤¬iPad¸þ¤±iPadOS 17.7.6¤ò¥ê¥ê¡¼¥¹¡ª
Apple¤Ï31Æü¡Ê¸½ÃÏ»þ´Ö¡Ë¡¢Æ±¼Ò¤¬Å¸³«¤¹¤ë¥¿¥Ö¥ì¥Ã¥È¡ÖiPad¡×¥·¥ê¡¼¥º¸þ¤±¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¡ÖiPadOS¡×¤Ë¤ª¤¤¤ÆÁ°¥Ð¡¼¥¸¥ç¥ó¡ÖiPadOS 17¡×¤ÎºÇ¿·ÈÇ¡ÖiPadOS 17.7.6¡Ê21H420¡Ë¡×¤òÄó¶¡³«»Ï¤·¤¿¤È¤ªÃÎ¤é¤»¤·¤Æ¤¤¤Þ¤¹¡£
ÂÐ¾Ýµ¡¼ï¤ÏºÇ¿·¥Ð¡¼¥¸¥ç¥ó¡ÖiPadOS 18¡×¤ËÂÐ±þ¤·¤Æ¤¤¤Ê¤¤iPadOS 17¤ÎÂÐ±þµ¡¼ï¤Ç¡¢¶ñÂÎÅª¤Ë¤ÏiPad¡ÊÂè6À¤Âå¡Ë¤ä12.9¥¤¥ó¥ÁiPad Pro¡ÊÂè2À¤Âå¡Ë¡¢10.5¥¤¥ó¥ÁiPad Pro¤Î3µ¡¼ï¤È¤Ê¤ê¤Þ¤¹¡£¤Ê¤ª¡¢°ÊÁ°¤Ï¡ÖiOS 18¡×¤äiPadOS 18¤ÎÂÐ¾Ýµ¡¼ï¤ÏiOS 18¤äiPadOS 18¤Þ¤¿¤ÏiOS 17¤äiPadOS 17¤òÁª¤ó¤Ç¹¹¿·¤Ç¤¤Æ¤¤¤Þ¤·¤¿¤¬¡¢iPadOS 17.7.3¤«¤éiOS 18¤äiPadOS 18¤ÎÂÐ¾Ýµ¡¼ï¤ÏiOS 18¤äiPadOS 18¤Î¤ß¤Ë¹¹¿·¤¹¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
¤½¤ÎÂ¾¡¢¤¹¤Ç¤Ë¾Ò²ð¤·¤Æ¤¤¤ë¤è¤¦¤ËÆ±¼Ò¤Ç¤Ï¹ç¤ï¤»¤ÆiPhone¤äiPad¤Ê¤É¸þ¤±¡ÖiOS 18.4¡×¤ª¤è¤Ó¡ÖiPadOS 18.4¡×¤ä¡ÖiOS 16.7.11¡×¤ª¤è¤Ó¡ÖiPadOS 16.7.11¡×¡¢¡ÖiOS 15.8.4¡×¤ª¤è¤Ó¡ÖiPadOS 15.8.4¡×¡¢¥Ñ¥½¥³¥ó¡ÖMac¡×¸þ¤±¡ÖmacOS Sequoia 15.4¡×¡¢¥»¥Ã¥È¥È¥Ã¥×¥Ü¥Ã¥¯¥¹¡ÖApple TV¡×¸þ¤±¡Ötv 18.4¡×¡¢¥¹¥Þ¡¼¥È¥Ø¥Ã¥É¥»¥Ã¥È¡ÖApple Vision¡×¸þ¤±¡ÖvisionOS 2.4¡×¤Ê¤É¤âÇÛ¿®³«»Ï¤·¤Æ¤¤¤Þ¤¹¡£
Apple¤Ç¤Ï2021Ç¯¤ËÄó¶¡³«»Ï¤·¤¿iOS 15¤ª¤è¤ÓiPadOS 15¤«¤é°ìÄê´ü´Ö¤Ï¼¡¤ÎºÇ¿·¥Ð¡¼¥¸¥ç¥ó¤Ë¹¹¿·¤»¤º¤Ë´ûÂ¸¤Î¥Ð¡¼¥¸¥ç¥ó¤ËÎ±¤Þ¤ëµ¡Ç½¤òÄó¶¡¤·¤Æ¤ª¤ê¡¢º£Ç¯¤âºÇ¿·¤ÎiOS 18¤äiPadOS 18¤ÎÀµ¼°ÈÇ¤¬ÇÛ¿®³«»Ï¤µ¤ì¤Þ¤·¤¿¤¬¡¢°ú¤Â³¤¤¤Æ¤·¤Ð¤é¤¯iOS 17¤äiPadOS 17¤Ç»È¤¦¾ì¹ç¤òÂÐ¾Ý¤Ë¥»¥¥å¥ê¥Æ¥£¡¼½¤Àµ¤Î¤ß¤ò¹Ô¤Ã¤¿¥½¥Õ¥È¥¦¥§¥¢¹¹¿·¤òÄó¶¡¤·¤Æ¤ª¤ê¡¢º£²ó¤ÏÁ°²ó¤ÎiPadOS 17.7.4¤ËÂ³¤¤¤ÆiPadOS 17.7.6¤¬Äó¶¡³«»Ï¤µ¤ì¤Þ¤·¤¿¡£
¹¹¿·¤Ï½¾ÍèÄÌ¤ê³ÆÀ½ÉÊËÜÂÎ¤Î¤ß¤ÇOTA¡ÊOn-The-Air¡Ë¤Ë¤è¤ê¥À¥¦¥ó¥í¡¼¥É¤Ç¹Ô¤¨¡¢ÊýË¡¤È¤·¤Æ¤Ï¡¢¡ÖÀßÄê¡×¢ª¡Ö°ìÈÌ¡×¢ª¡Ö¥½¥Õ¥È¥¦¥§¥¢¡¦¥¢¥Ã¥×¥Ç¡¼¥È¡×¤«¤é¹Ô¤¨¡¢Ã±ÂÎ¤Ç¥¢¥Ã¥×¥Ç¡¼¥È¤¹¤ë¾ì¹ç¤Î¥À¥¦¥ó¥í¡¼¥É¥µ¥¤¥º¤Ï¼ê»ý¤Á¤ÎiPad¡ÊÂè6À¤Âå¡Ë¤ÇiPadOS 17.7.6¤«¤é¤À¤È149.7MB¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£¤Þ¤¿iTunes¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿Windows¤ª¤è¤ÓMac¤ÈUSB-Lightning¥±¡¼¥Ö¥ë¤ÇÀÜÂ³¤·¤Æ¤â¼Â»Ü¤Ç¤¤Þ¤¹¡£¤Ê¤ª¡¢Apple¤¬°ÆÆâ¤·¤Æ¤¤¤ë¥¢¥Ã¥×¥Ç¡¼¥È¤ÎÆâÍÆ¤ª¤è¤Ó¥»¥¥å¥ê¥Æ¥£¡¼¥³¥ó¥Æ¥ó¥Ä¤Î½¤Àµ¤Ï°Ê²¼¤ÎÄÌ¤ê¡£
iPadOS 17.7.6
¤³¤Î¥¢¥Ã¥×¥Ç¡¼¥È¤Ë¤Ï½ÅÍ×¤Ê¥»¥¥å¥ê¥Æ¥£½¤Àµ¤¬´Þ¤Þ¤ì¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤Ë¿ä¾©¤µ¤ì¤Þ¤¹¡£
Apple¥½¥Õ¥È¥¦¥§¥¢¥¢¥Ã¥×¥Ç¡¼¥È¤Î¥»¥¥å¥ê¥Æ¥£¥³¥ó¥Æ¥ó¥Ä¤Ë¤Ä¤¤¤Æ¤Ï¡¢°Ê²¼¤ÎWeb¥µ¥¤¥È¤ò¤´Í÷¤¯¤À¤µ¤¤: https://support.apple.com/100100
Released March 31, 2025
- Accounts
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Sensitive keychain data may be accessible from an iOS backup
Description: This issue was addressed with improved data access restriction.
CVE-2025-24221: Lehan Dilusha @zorrosign Sri Lanka, and an anonymous researcher
- Audio
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing a maliciously crafted file may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.
CVE-2025-24243: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
- Audio
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2025-24244: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
- BiometricKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to cause unexpected system termination
Description: A buffer overflow was addressed with improved bounds checking.
CVE-2025-24237: Yutong Xiu
- Calendar
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to break out of its sandbox
Description: A path handling issue was addressed with improved validation.
CVE-2025-30429: Denis Tokarev (@illusionofcha0s)
- Calendar
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
CVE-2025-24212: Denis Tokarev (@illusionofcha0s)
- CloudKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A malicious app may be able to access private information
Description: The issue was addressed with improved checks.
CVE-2025-24215: Kirin (@Pwnrin)
- CoreAudio
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Playing a malicious audio file may lead to an unexpected app termination
Description: An out-of-bounds read issue was addressed with improved input validation.
CVE-2025-24230: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
- CoreMedia
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
Description: A use after free issue was addressed with improved memory management.
CVE-2025-24085
- CoreMedia
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory
Description: The issue was addressed with improved memory handling.
CVE-2025-24190: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
- CoreMedia
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory
Description: This issue was addressed with improved memory handling.
CVE-2025-24211: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
- curl
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An input validation issue was addressed
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-9681
- Foundation
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to access sensitive user data
Description: The issue was resolved by sanitizing logging
CVE-2025-30447: LFY@secsys from Fudan University
- ImageIO
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Parsing an image may lead to disclosure of user information
Description: A logic error was addressed with improved error handling.
CVE-2025-24210: Anonymous working with Trend Micro Zero Day Initiative
- Kernel
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A malicious app may be able to attempt passcode entries on a locked device and thereby cause escalating time delays after 4 failures
Description: A logic issue was addressed with improved state management.
CVE-2025-30432: Michael (Biscuit) Thomas - @biscuit@social.lol
- Kernel
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2025-24203: Ian Beer of Google Project Zero
- libxml2
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Parsing a file may lead to an unexpected app termination
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2025-27113
CVE-2024-56171
- libxpc
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed through improved state management.
CVE-2025-24178: an anonymous researcher
- NetworkExtension
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to enumerate a user's installed apps
Description: This issue was addressed with additional entitlement checks.
CVE-2025-30426: Jimmy
- Photos
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Photos in the Hidden Photos Album may be viewed without authentication
Description: This issue was addressed through improved state management.
CVE-2025-30428: Jax Reissner
- Power Services
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with additional entitlement checks.
CVE-2025-24173: Mickey Jin (@patch1t)
- Safari
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Visiting a malicious website may lead to user interface spoofing
Description: The issue was addressed with improved UI.
CVE-2025-24113: @RenwaX23
- Security
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A remote user may be able to cause a denial-of-service
Description: A validation issue was addressed with improved logic.
CVE-2025-30471: Bing Shi, Wenchao Li, Xiaolong Bai of Alibaba Group, Luyi Xing of Indiana University Bloomington
- Shortcuts
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
CVE-2025-30465: an anonymous researcher
- Shortcuts
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: This issue was addressed with improved access restrictions.
CVE-2025-30433: Andrew James Gonzalez
- Siri
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An attacker with physical access may be able to use Siri to access sensitive user data
Description: This issue was addressed by restricting options offered on a locked device.
CVE-2025-24198: Richard Hyunho Im (@richeeta) with routezero.security
- Siri
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to access user-sensitive data
Description: An authorization issue was addressed with improved state management.
CVE-2025-24205: YingQi Shi(@Mas0nShi) of DBAppSecurity's WeBin lab and Minghao Lin (@Y1nKoc)
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A malicious website may be able to track users in Safari private browsing mode
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 286580
CVE-2025-30425: an anonymous researcher
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 284055
CVE-2025-24216: Paul Bakker of ParagonERP
WebKit Bugzilla: 285892
CVE-2025-24264: Gary Kwong, and an anonymous researcher
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 285643
CVE-2025-30427: rheza (@ginggilBesel)
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A buffer overflow issue was addressed with improved memory handling.
WebKit Bugzilla: 286462
CVE-2025-24209: Francisco Alonso (@revskills), and an anonymous researcher
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to memory corruption
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 282450
CVE-2024-54543: Lukas Bernhard, Gary Kwong, and an anonymous researcher
WebKit Bugzilla: 277967
CVE-2024-54534: Tashita Software Security
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 282180
CVE-2024-54508: Xiangwei Zhang of Tencent Security YUNDING LAB, linjy of HKUS3Lab and chluo of WHUSecLab, and an anonymous researcher
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 281912
CVE-2024-54502: Brendon Tiszka of Google Project Zero
- WebKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A type confusion issue could lead to memory corruption
Description: This issue was addressed with improved handling of floats.
WebKit Bugzilla: 286694
CVE-2025-24213: Google V8 Security Team
Additional recognition
- Audio
We would like to acknowledge Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative for their assistance.
- Security
We would like to acknowledge Kevin Jones (GitHub) for their assistance.
