WebKit flaw targets individuals

In a move that feels all too familiar, Apple has released emergency security updates to patch a critical WebKit zero-day vulnerability actively exploited in the wild. The flaw, tracked as CVE-2025-24201, involves an out-of-bounds write issue that could allow attackers using maliciously crafted web content to break free from the Web Content sandbox. Not good.

This particular vulnerability affects a staggering range of Apple products – iPhones (XS and newer), various iPad models, Macs running macOS Sequoia, Apple Vision Pro, and even Apple TV. The company’s fix comes in the form of iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, visionOS 2.3.2, and tvOS 18.3.1. Another day, another patch.

What’s particularly concerning is Apple’s admission that this vulnerability was exploited in “extremely sophisticated attacks” targeting specific individuals. The WebKit sandbox feature is specifically designed to isolate untrusted web content to prevent malicious access to systems. The attacks apparently focused on iOS versions prior to 17.2, and this update serves as a supplementary fix for an attack previously blocked in iOS 17.2.

Targeted attacks like these rarely affect average users, but they’re a stark reminder of the digital threats faced by high-profile individuals.

This marks Apple’s third zero-day patched in 2025, continuing a troubling trend following six zero-days addressed in 2024. The company has been characteristically tight-lipped about who discovered the flaw or which threat actors might be responsible for the attacks.

For affected users, the advice is clear – update immediately. The vulnerability affects Safari and other WebKit-based applications, essentially giving attackers a gateway into your system through malicious web content. The flaw was discovered by Bill Marczak from Citizen Lab, who urged users to update their devices immediately.

High-risk users might want to consider enabling Lockdown Mode, Apple’s extreme protection feature. But let’s be real – most of us aren’t important enough to be targeted by these “sophisticated attacks.”

Still, better safe than sorry. Update your devices, folks. These security patches exist for a reason, and today’s “targeted” exploit might be tomorrow’s widespread attack. With AI-driven malware evolving in real time, these vulnerabilities could quickly transform from targeted exploits to widespread threats.
