When you’ve obtained a to-do checklist this weekend, we’ve obtained yet one more merchandise for it: replace your iPhone, iPad, and Mac. An replace was launched this week that patches a vulnerability first noticed method again in December 2023.
In keeping with Apple’s launch notes, the repair impacts iOS 18, iPadOS 18, macOS 15, and visionOS 2, in addition to Safari 18 for macOS Ventura and macOS Sonoma customers. The discharge notes say the updates embrace unknown bug fixes, however the massive cause to replace is a single safety replace throughout all units:
- Impression: Maliciously crafted net content material could possibly get away of Internet Content material sandbox. This can be a supplementary repair for an assault that was blocked in iOS 17.2. (Apple is conscious of a report that this subject might have been exploited in an especially refined assault towards particular focused people on variations of iOS earlier than iOS 17.2.)
- Description: An out-of-bounds write subject was addressed with improved checks to forestall unauthorized actions.
- WebKit Bugzilla: 285858
- CVE-2025-24201: Apple
Apple is credited with discovering the flaw, which was initially patched on December 11, 2023, with iOS 17.2 and macOS Sonoma 14.2. It’s unclear which WebKit patch fastened the unique vulnerability.
To this point this 12 months, Apple has fastened three zero-days, that are outlined as flaws that have been beforehand unknown. Whereas Apple’s language implies this menace was utilized in focused assaults, it is best to positively replace your units if you happen to haven’t already.