On Tuesday, Apple announced the release of critical security updates for iOS 18, iPadOS 18, and macOS Sequoia. These updates are designed to address a significant security vulnerability that had been exploited by hackers to target certain users. This marks the third occasion this year that Apple has responded to serious security concerns with updates, allowing users to upgrade their eligible iPhone, iPad, and Mac devices to versions that rectify a flaw in the company’s browser engine.
Updates Patch Major WebKit Security Vulnerability
The release notes for iOS 18.3.2 and iPadOS 18.3.2 detail a notable fix that addresses a serious security weakness in WebKit, the engine powering Safari. The vulnerability, identified as a zero-day issue (CVE-2025-24201), has also been patched in the macOS Sequoia 15.3.2 and visionOS 2.3.2 updates.
According to Apple, this WebKit vulnerability permitted maliciously crafted web content to bypass the Web Content sandbox, potentially enabling hackers to gain unauthorized access to a user’s system and execute harmful actions.
Additionally, Apple has noted that the security flaw “may have been exploited in an extremely sophisticated attack against specific targeted individuals” using versions of iOS prior to 17.2. This vulnerability was initially addressed in the iOS 17.2 update, which was released to users in December 2023.
In the preceding month, Apple launched iOS 18.3.1 and iPadOS 18.3.1, which included a fix for a security issue that permitted attackers to disable USB Restricted Mode on locked devices. At that time, the company acknowledged that the vulnerability had been leveraged to target certain individuals through a highly sophisticated attack.
Earlier this year, Apple also issued iOS 18.3, iPadOS 18.3.1, and macOS 15.3 to fix a security flaw that allowed a malicious application to gain elevated access privileges on users’ devices. Apple stated that this flaw was specifically used to target individuals utilizing devices running iOS 17.2 or earlier versions of the operating system.
