Apple WebKit Zero-Day Under Attack: Important Security Update Released

A serious zero-day vulnerability (CVE-2025-24201) in Apple’s WebKit browser engine has been exploited in sophisticated attacks, and the company has issued emergency security updates to address it. The weakness is an out-of-bounds write issue: attackers may be able to craft malicious web content that breaks out of the Web Content sandbox, which could result in unauthorised actions on impacted devices. Apple advises customers to update their devices right away to reduce the risk.
Numerous Apple products are impacted by the vulnerability. Fixes are available as follows:
- iOS 18.3.2 and iPadOS 18.3.2 for iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later).
- macOS Sequoia 15.3.2 for Macs running macOS Sequoia.
- Safari 18.3.1 for macOS Ventura and macOS Sonoma.
- visionOS 2.3.2 for Apple Vision Pro.
Although no CVE entries are listed for tvOS 18.3.1, this version was released specifically for Apple TV 4K (3rd generation).
This latest patch, which follows updates for CVE-2025-24085 in January and CVE-2025-24200 in February, is Apple’s third response to actively exploited zero-day vulnerabilities this year.
Apple has not revealed how the vulnerability was found, who the attackers were, or who the intended victims were. Users are strongly advised to update their devices right away to reduce the risks related to this vulnerability.
Apple Explains the WebKit Flaw’s Nature
The company described the security flaw as an out-of-bounds write issue that was resolved with improved checks to prevent unauthorized actions.
In a brief bulletin, Apple explained, “This is a supplementary fix for an attack that was blocked in iOS 17.2.” “For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available,” the company added.