Apple has recently rolled out critical security updates to address a zero-day vulnerability, identified as CVE-2025-24201. This flaw is considered highly serious as it has been exploited in “extremely sophisticated” attacks targeting specific individuals. The vulnerability affects WebKit, the web browser engine that powers Apple’s Safari browser as well as a variety of applications across macOS, iOS, Linux, and Windows platforms.
In security advisories released on a Tuesday, Apple stated that this particular vulnerability was already mitigated in the iOS 17.2 update, but they wanted to ensure that users are further protected by rolling out these supplementary fixes. They are aware of reports indicating that the vulnerability may have been leveraged in specific high-stakes attacks against individuals using iOS versions older than 17.2.
Attackers can exploit CVE-2025-24201 by using maliciously crafted web content designed to escape the Web Content sandbox, which is a security measure intended to isolate processes and limit the potential damage of exploits. To address this issue, Apple has implemented enhanced checks in the latest updates to prevent unauthorized access and further unauthorized actions on affected devices.
The security updates can be found in the following versions:
– iOS 18.3.2
– iPadOS 18.3.2
– macOS Sequoia 15.3.2
– visionOS 2.3.2
– Safari 18.3.1
A wide array of devices are impacted by this vulnerability, covering both older and newer models. These include:
– iPhone XS and subsequent models
– iPad Pro (13-inch and 12.9-inch 3rd generation and later, 11-inch 1st generation and later)
– iPad Air (3rd generation and later)
– iPad (7th generation and later)
– iPad mini (5th generation and later)
– Macs running macOS Sequoia
– Apple Vision Pro
While Apple has not disclosed the identity of the individual or group that found this security flaw, the company has yet to provide further details concerning the nature of the sophisticated attacks linked to the vulnerability.
Though the exploitation of this zero-day vulnerability appears to have been limited to targeted attacks, it is strongly recommended that users promptly install the latest security updates. This proactive measure will help guard against possible ongoing attacks that may arise from the vulnerability.
Since the beginning of this year, Apple has addressed three zero-day vulnerabilities, with the first acknowledged in January (CVE-2025-24085) and a second one in February (CVE-2025-24200). In the previous year, the company patched six additional zero-days that had been exploited in active attacks, which included a range of incidents reported from January to November.
In a notable contrast, the year prior to that, Apple responded to 20 zero-day vulnerabilities that were exploited in various attacks, indicating a heightened focus on security and the need for continuous monitoring and updates to their software systems. This underscores the importance of maintaining secure devices through timely software updates, ensuring users remain protected against emerging threats.