For those who’ve received a to-do listing this weekend, we’ve received yet another merchandise for it: replace your iPhone, iPad, and Mac. An replace was launched this week that patches a vulnerability first noticed means again in December 2023.
In keeping with Apple’s launch notes, the repair impacts iOS 18, iPadOS 18, macOS 15, and visionOS 2, in addition to Safari 18 for macOS Ventura and macOS Sonoma customers. The discharge notes say the updates embody unknown bug fixes, however the huge motive to replace is a single safety replace throughout all gadgets:
- Impression: Maliciously crafted net content material might be able to escape of Net Content material sandbox. This can be a supplementary repair for an assault that was blocked in iOS 17.2. (Apple is conscious of a report that this concern might have been exploited in a particularly refined assault in opposition to particular focused people on variations of iOS earlier than iOS 17.2.)
- Description: An out-of-bounds write concern was addressed with improved checks to forestall unauthorized actions.
- WebKit Bugzilla: 285858
- CVE-2025-24201: Apple
Apple is credited with discovering the flaw, which was initially patched on December 11, 2023, with iOS 17.2 and macOS Sonoma 14.2. It’s unclear which WebKit patch fastened the unique vulnerability.
Up to now this 12 months, Apple has fastened three zero-days, that are outlined as flaws that had been beforehand unknown. Whereas Apple’s language implies this menace was utilized in focused assaults, you must positively replace your gadgets in case you haven’t already.