CyberInsider

Reliable cybersecurity news and resources

General

Latest News

About

CyberInsider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Apple Patches Zero-Day Flaw Used in Targeted iPhone Attacks

By Leave a Comment
Apple Patches Zero-Day Flaw Used in Targeted iPhone Attacks

Apple has released iOS 18.3.2 and iPadOS 18.3.2 to fix a zero-day vulnerability that may have been exploited in highly targeted attacks.

This marks the third actively exploited zero-day Apple has patched in 2025.

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2,” explains Apple in a bulletin released today.

The flaw is tracked as CVE-2025-24201 and affects WebKit. According to the limited information that was made available, the vulnerability could allow malicious web content to escape the Web Content sandbox, potentially enabling unauthorized actions. The company addressed the issue by improving checks to prevent out-of-bounds write operations.

The latest patch applies to a broad range of Apple devices, including iPhones (XS and later), iPads (Pro, Air, mini, and standard models from the 3rd generation onward), and macOS Sequoia. The same fix was also rolled out for visionOS in version 2.3.2.

WebKit, Apple's browser engine, is a frequent target for attackers due to its widespread use in Safari and other system applications. The newly patched vulnerability follows a previous WebKit flaw blocked in iOS 17.2, suggesting attackers have continued refining their techniques to bypass Apple's mitigations.

Growing list of Apple zero-days in 2025

This is the third zero-day vulnerability Apple has fixed this year. Last month, the company patched CVE-2025-24200, a flaw that allowed attackers to disable USB Restricted Mode on locked iPhones. The vulnerability, discovered by The Citizen Lab's Bill Marczak, was exploited in highly targeted attacks, potentially allowing unauthorized access to sensitive device data.

Earlier in January, Apple addressed CVE-2025-24085, a CoreMedia use-after-free vulnerability that enabled privilege escalation. Apple confirmed that attackers had actively exploited the flaw in the wild before the iOS 17.2 update closed the loophole.

iPhone users are strongly advised to install iOS 18.3.2 and iPadOS 18.3.2 immediately to mitigate the risk of exploitation. The update can be accessed via Settings > General > Software Update. To enhance security further, consider enabling Lockdown Mode, which provides additional protection layers and resistance to sophisticated attacks in exchange for losing some functionality.

About Bill Mann

Bill specializes in explaining complex technical topics to a non-technical audience. In his 30+ year career, he has covered many of the technological advances that shape our lives. Today, Bill uses those skills to help people protect their privacy and security against the ever-growing assaults on both.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *