Apple Fixed the Third Actively Exploited Zero-Day of 2025

Apple has taken swift action to address a zero-day vulnerability, tracked as CVE-2025-24201, that was being exploited in "extremely sophisticated" cyber attacks. The company released emergency security updates to patch this out-of-bounds write issue in the WebKit cross-platform web browser engine, which is used by multiple platforms including iOS, iPadOS, macOS, and Safari.

The vulnerability allows an attacker to exploit maliciously crafted web content to escape the Web Content sandbox, potentially allowing them to gain unauthorized access to sensitive data. Apple released this fix as an additional measure after blocking a similar attack in iOS 17.2, indicating that the company is taking proactive steps to protect its users from evolving threats.

"Maliciously crafted web content may be able to break out of Web Content sandbox," reads the advisory published by Apple. "This is a supplementary fix for an attack that was blocked in iOS 17.2." The company also noted that it is aware of reports that this issue may have been exploited in extremely sophisticated attacks against specific targeted individuals on versions of iOS before iOS 17.2.

Apple released multiple updates to address the zero-day vulnerability, including:

  • iOS 18.3.2
  • iPadOS 18.3.2
  • macOS Sequoia 15.3.2
  • visionOS 2.3.2
  • Safari 18.3.1

The affected devices include iPhone XS and later, iPad Pro 13-inch and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later, as well as Macs running macOS Sequoia.

It's worth noting that this is the third zero-day vulnerability Apple has addressed since the start of 2025. The company did not disclose details about the attacks or attribute them to any threat actor, emphasizing its commitment to transparency while also protecting sensitive information.

For more information on cybersecurity and staying safe online, follow us on Twitter: @securityaffairs, Facebook, and Mastodon.