Zero-Day Vulnerabilities
Low iOS 26 adoption creates a security crisis: more than 80% of iPhones face attack risk because they have not upgraded
Huan Qiu Wang Zi Xun· 2026-01-11 04:13
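According to foreign media, the decision stems from Apple's in-depth assessment of the exploit chain. As disclosed by the company's security engineering team, the two zero-day vulnerabilities used by the attackers involve the WebKit browser engine and the iMessage processing core, provide remote code execution and persistence, and can be used to deploy highly stealthy commercial spyware (such as NSO Group-style tools). Apple urgently released the iOS 26.2 update before the holidays to complete the fix, and at the same time pushed a security advisory to developers.

Source: Huanqiu.com

[Huanqiu.com technology report] January 11: According to a Forbes report, Apple recently confirmed that its most recently discovered high-severity zero-day vulnerabilities have been exploited by commercial spyware to compromise multiple iPhones. Unlike in the past, this fix follows an unprecedented technical strategy: Apple has explicitly stipulated that only devices running iOS 26 can receive the relevant security patches; devices on iOS 18, for which support has ended, cannot obtain the fix through the older system even if they meet the hardware compatibility requirements, unless the device itself does not meet the requirements for installing iOS 26.

However, the practical challenge is that users are slow to upgrade. Multiple independent statistics show that iOS 26 adoption is far below historical levels. One report states that, as of early January 2026, only about 19% of active iPhones were running iOS 26. Some users have resisted adapting to the "Liquid Glass" screen material and the new UI animations, while other users, regarding iOS ...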
Revealing the details behind CCTV's report on the US cyberattack: the Triangulation vulnerability is extremely stealthy
Xin Lang Cai Jing· 2025-10-21 04:58
Core Viewpoint - The article highlights a covert cyber attack by the NSA on China's National Time Service Center, exploiting vulnerabilities in foreign brand mobile phone messaging services to steal sensitive information and disrupt critical national infrastructure [1][6].

Group 1: Attack Details
- The NSA began exploiting the messaging service vulnerability in March 2022, remotely hijacking the phones of over 10 staff members at the National Time Service Center, leading to the theft of contacts, messages, location data, and login credentials for office systems [1][3].
- From April 2023, the attackers accessed the center's computer network multiple times, deploying 42 customized cyber attack tools, including "eHome_0cx" for stealth, "Back_eleven" for communication tunneling, and "New_Dsz_Implant" for data theft [3][4].

Group 2: Implications of the Attack
- The attack poses a significant threat beyond ordinary data breaches, as the National Time Service Center provides the "Beijing Time," which is crucial for financial transactions, 5G communication, and aerospace missions. Disruptions could lead to widespread power outages or mission failures [4][6].
- The NSA's actions aim to compromise sensitive information related to high-precision timing systems, which could directly impact key sectors such as finance, communication, and aerospace in China [6][10].

Group 3: Vulnerability and Security Concerns
- The vulnerabilities exploited are categorized as "zero-day" vulnerabilities, with the cost of such exploits in underground markets ranging from $500,000 to $1 million. The NSA reportedly utilized four zero-day vulnerabilities for this operation [8].
- The incident raises questions about the security of Apple devices, as the NSA's actions have tarnished the perceived safety of Apple products, leading to public skepticism regarding their security features [9][10].
Huwang 2025 | Beware of the "time bomb": 0day vulnerabilities
Xin Lang Cai Jing· 2025-08-25 11:28
Core Viewpoint - The article emphasizes the critical importance of zero-day vulnerabilities in cybersecurity, highlighting their potential to cause significant harm to individuals, businesses, and national infrastructure.

Group 1: Definition and Impact of Zero-Day Vulnerabilities
- Zero-day vulnerabilities are security flaws in software that manufacturers have not yet discovered or patched, making users and companies vulnerable to immediate exploitation by hackers [2].
- Attacks on critical infrastructure can threaten national stability, as demonstrated by scenarios where hackers exploit multiple zero-day vulnerabilities to control and destroy essential services like power plants [2].
- Economic losses can be substantial when businesses fall victim to zero-day attacks, such as ransomware incidents that encrypt core technical data and customer databases [4].

Group 2: Broader Implications of Zero-Day Vulnerabilities
- Personal information can be commodified, leading to severe privacy breaches, as seen when social media platforms experience data theft due to zero-day vulnerabilities [6].
- E-commerce platforms can also be targeted, resulting in the exploitation of user shopping habits for illicit profit [6].

Group 3: Challenges in Mitigating Zero-Day Vulnerabilities
- The underground market for zero-day vulnerabilities consists of a well-defined supply chain involving vulnerability discoverers, intermediaries, and attackers, complicating prevention efforts [8].
- Vulnerability discoverers actively seek system weaknesses, while intermediaries package and sell this information to criminals [8].

Group 4: Recommendations for Individuals and Businesses
- Regularly updating system software is crucial, as manufacturers provide patches for zero-day vulnerabilities as soon as they are identified [9].
- Installing professional antivirus software and deploying firewalls and intrusion detection systems (IDS) are essential for real-time monitoring and protection against potential threats [9].
- Adopting good security practices, such as avoiding unknown software downloads and being cautious with public Wi-Fi, can significantly reduce the risk of zero-day attacks [9].
- Immediate action should be taken if unusual device behavior is detected, including disconnecting from the internet and contacting customer support to mitigate potential damage [9].
Update immediately: Apple urgently fixes a high-severity iPhone / iPad vulnerability that hackers have already exploited to launch attacks
Qi Lu Wan Bao· 2025-08-21 07:01
Core Insights
- Apple has released an urgent update to address a zero-day vulnerability identified as CVE-2025-43300, which was exploited in highly sophisticated targeted attacks [1][3]
- The vulnerability was found in the Image I/O framework, and Apple has implemented improved boundary checking measures to mitigate the risk of further exploitation [3]

Summary by Categories
- **Vulnerability Details**
  - The zero-day vulnerability CVE-2025-43300 was used in complex targeted attacks against specific individuals [1][3]
  - There is evidence that hackers have already exploited this vulnerability [3]
- **Company Response**
  - Apple has issued a broad security patch that affects multiple operating systems, including iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8 [3]
  - Users are advised to install the latest security updates promptly to protect against potential memory corruption risks when handling malicious image files [3]
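US Department of Energy: Starting July 18, exploitation of the Microsoft SharePoint zero-day vulnerability began to affect the Department of Energy, including the National Nuclear Security Administration (NNSA).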
news flash· 2025-07-23 16:59
Group 1 - The U.S. Department of Energy reported that starting from July 18, the exploitation of a zero-day vulnerability in Microsoft SharePoint began to impact the Department, including the National Nuclear Security Administration (NNSA) [1]