Apple swiftly addresses a critical WebKit zero-day vulnerability. This flaw, CVE-2025-24201, allowed sophisticated attacks targeting specific individuals using iOS versions prior to 17.2. The vulnerability, an out-of-bounds write issue, enabled malicious web content to bypass the Web Content sandbox, potentially granting attackers complete device control. While not widely exploited, the potential consequences were severe.
Affected devices included iPhone XS and later, specific iPad models (Pro, Air, and mini), Macs running macOS Sequoia, and the Apple Vision Pro. Apple's solution involved enhanced checks within updated software: iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, visionOS 2.3.2, and Safari 18.3.1. Immediate updates are strongly recommended for all affected users.
This marks Apple's third zero-day patch in 2025, highlighting their proactive approach to security. While this particular vulnerability required sophisticated targeting, the company's swift response underscores the importance of regularly updating devices to mitigate potential risks.
Related ##### iOS 18.4 Finally Brings RCS Messaging to Google Fi and Other T-Mobile Carriers
It only took five months!
Zero-day vulnerabilities, by their nature, are unknown to vendors until discovered or exploited. Companies dedicate significant resources to security, but proactive patching remains crucial to minimize user impact. The released updates should be applied immediately.
The above is the detailed content of Apple Fixed Another Zero-day Security Vulnerability: Update Your Devices Now. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
