When you’ve got a process checklist this weekend, we now have yet another aspect: replace your iPhone, iPad and Mac. This week an replace was launched that patch a vulnerability noticed for the primary time in December 2023.
In response to Apple’s launch notes, the answer impacts iOS 18, Ipados 18, Macos 15 and Visisos 2, in addition to to Safari 18 for customers of Macos Ventura and Macos Sonoma. The model notes say that updates embrace unknown errors corrections, however the nice purpose to replace is a single safety replace on all units:
- Influence: Net content material maliciously elaborated can go away the Sandbox net content material. This can be a complementary resolution for an assault that was blocked in iOS 17.2. (Apple is conscious of a report that this downside could have been exploited in a particularly subtle assault towards particular particular people in iOS variations earlier than iOS 17.2).
- Description: A writing downside was addressed outdoors the boundaries with improved checks to keep away from unauthorized actions.
- Webkit Bugzilla: 285858
- CVE-2025-24201: Apple
Apple is attributed to the invention of the fault, which was initially paved on December 11, 2023, with iOS 17.2 and Macos Sonoma 14.2. It isn’t clear what Webkit patch solved the unique vulnerability.
To this point this yr, Apple has set three zero days, that are outlined as failures that have been beforehand unknown. Whereas Apple’s language implies that this menace was utilized in particular assaults, it should undoubtedly replace its units if it has not but performed so.
