Apple on Tuesday rolled out important security patches for iOS 18, iPadOS 18, and macOS Sequoia. The company says that the latest software releases include a fix for a security vulnerability that was used by hackers to target some individuals. This is the third time this year that Apple has issued security updates for a serious security flaw. Users can update eligible iPhone, iPad, and Mac computers to the latest versions, which addresses the flaw in Apple’s browser engine.
iOS 18.3.2, iPadOS 18.3.2 and macOS 15.3.2 Fix Serious WebKit Security Flaw
The company’s release notes for iOS 18.3.2 and iPadOS 18.3.2 reveal that the updates include a fix for one notable security flaw that affects WebKit, the browser engine used on Safari. This zero-day security flaw (CVE-2025-24201) has also been resolved with the macOS Sequoia 15.3.2 and visionOS 2.3.2 updates.
Apple says that the WebKit security vulnerability allowed maliciously crafted web content to escape the Web Content sandbox. The company explains that this out-of-bounds issue could allow hackers to gain access to a user’s system and perform unauthorised actions.
It’s also worth noting that Apple has said it is aware that the security flaw “may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.”. The flaw was first fixed in the iOS 17.2 update that rolled out to users in December 2023.
Last month, Apple released iOS 18.3.1 and iPadOS 18.3.1 with a fix for a security flaw that allowed attackers to disable USB Restricted Mode on a locked device. At the time, the company said that it was aware the vulnerability was used to target specific people, using an extremely sophisticated attack.
The company also released iOS 18.3, iPadOS 18.3.1, and macOS 15.3 with fixes for a security flaw that allowed a malicious application to gain elevated privileges on a user’s device. Apple said that the flaw was used to target users with devices running iOS 17.2 or older versions of its iOS operating system.
