Apple has rolled out iOS 18.3.2 and iPadOS 18.3.2, addressing a critical zero-day vulnerability in the WebKit browser engine. The flaw, identified as CVE-2025-24201, has been actively exploited, allowing attackers to access memory outside its permitted range. If left unpatched, this vulnerability could enable unauthorized access to sensitive information or lead to device compromise.
The company stated that the vulnerability could have been used in an “extremely sophisticated attack against specific target individuals.” This suggests that the flaw may have been exploited in highly targeted cyberattacks rather than widespread threats. Apple fixed the issue by implementing improved checks to prevent unauthorized actions. This update serves as an additional security enhancement following iOS 17.2, which also included crucial fixes to strengthen device protection.
Details and Apple’s Response
Apple did not specify whether the vulnerability was discovered internally or by an external researcher. The company also withheld details on when the attacks began or how long they lasted. “To protect our customers, Apple does not disclose, discuss, or confirm security issues until an investigation has been completed and patches or releases are available,” Apple stated.
Despite the lack of detailed information, Apple’s swift release of a patch underscores the severity of the issue, notes NIXsolutions. Although the exploit was likely used only in targeted attacks, Apple urges all users to install the update as soon as possible to prevent potential security risks. Cybercriminals often attempt to reverse-engineer security patches to develop new attack methods, making timely updates essential for device safety.
Apple regularly releases security updates to address vulnerabilities in iOS, iPadOS, and macOS, reinforcing its commitment to user security. This latest fix highlights the ongoing battle against sophisticated cyber threats. To stay protected, users should enable automatic updates or manually check for new software versions in their device settings. We’ll keep you updated as more information emerges.