Apple Urges iOS Users to Update: Critical WebKit Vulnerability Patched
Apple has swiftly addressed a critical security issue by releasing iOS 18.3.2 and iPadOS 18.3.2. The update patches a WebKit vulnerability (CVE-2025-24201) that cybercriminals had been actively exploiting. Although the specific targets and attackers remain unknown, users are urged to update their devices immediately.
The vulnerability, present in the WebKit engine used by Safari and other web-based content, allowed malicious web content to escape the Web Content sandbox. This posed a significant security risk, as it could potentially allow attackers to gain unauthorized access to sensitive data or control over the device.
Apple initially thought the issue was resolved in iOS 17.2 but has since issued a supplementary fix to fully address the problem. The update is available for iPhone XS and later models, various iPad Pro versions, iPad Air (3rd generation and later), and iPad mini (5th generation and later).
While the full extent of the attacks remains unclear, it's known that the vulnerability was used in a sophisticated attack targeting specific individuals before iOS 17.2. To protect against actively exploited cyber threats, all iOS users are strongly advised to update to iOS 18.3.2 without delay.
