{"id":2288,"date":"2025-03-12T11:31:54","date_gmt":"2025-03-12T11:31:54","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=2288"},"modified":"2025-03-12T11:31:54","modified_gmt":"2025-03-12T11:31:54","slug":"apple-patches-zero-day-bugs-used-in-targeted-iphone-attacks","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=2288","title":{"rendered":"Apple patches zero-day bugs used in targeted iPhone attacks"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Apple has rolled out emergency patches for a bug affecting Webkit, the open-source web browser engine used primarily in Safari, against active exploitations in the wild.<\/p>\n<p>The vulnerability, CVE-2025024201, was reportedly exploited in zero-day attacks against targeted individuals.<\/p>\n<p>\u201cApple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before 17.2,\u201d the iPhone maker said in an <a href=\"https:\/\/support.apple.com\/en-us\/122281\">advisory<\/a>.<\/p>\n<p>Patches were released on Tuesday and are available through the latest versions of iOS, iPadOS, macOS, Safari, and visionOS.<\/p>\n<h2 class=\"wp-block-heading\">An out-of-bounds write issue<\/h2>\n<p>The vulnerability specifically affects Apple\u2019s Web Content Sandbox feature, a security mechanism that isolates web content from the rest of the system, preventing malicious websites from accessing sensitive data or executing harmful code beyond the browser environment.<\/p>\n<p>\u201cMaliciously crafted web content may be able to break out of Web Content sandbox,\u201d Apple added. This is an out-of-bounds write issue that Apple first fixed in iOS 17.2 while blocking the zero-day attempts.<\/p>\n<p>The company has now rolled out supplementary fixes for all the affected operating systems. Updates with patches include iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, and vision 2.3.2.<\/p>\n<p>While Apple refrained from disclosing technical details of the exploitation for security reasons, it is known that such issues could potentially allow high-impact attacks, including remote code execution (RCE), privilege escalation, data theft, and device takeover.<\/p>\n<p>Although the bug was reported to be used only in targeted attacks, all Apple users are advised to install these updates promptly, as they may be used in other attacks.<\/p>\n<h2 class=\"wp-block-heading\">Three zero-days within months<\/h2>\n<p>This marks Apple\u2019s third zero-day fix since the start of the year, following patches for <a href=\"https:\/\/www.csoonline.com\/article\/3811322\/iphone-users-targeted-in-apples-first-zero-day-exploit-in-2025.html\">CVE-2025-24085<\/a> in January and <a href=\"https:\/\/www.csoonline.com\/article\/3821833\/apple-issues-emergency-patches-to-contain-an-extremely-sophisticated-attack-on-targeted-individuals.html\">CVE-2025-24200<\/a> in February.<\/p>\n<p>Apple\u2019s leading market share attracts frequent adversarial interest, making a development or configurational mishap extremely punishing. The company suffered a total of twenty bugs in 2023, including the RCE bugs, CVE-2023-32434 and CVE-2023-32435 allegedly exploited in the <a href=\"https:\/\/www.csoonline.com\/article\/642935\/apple-patches-exploits-used-in-spy-campaign-operation-triangulation.html\">Operation Triangulation<\/a> spy campaign.<\/p>\n<p>In 2024, Apple fixed six zero-day bugs, along with a string of critical flaws including <a href=\"https:\/\/www.csoonline.com\/article\/1311874\/apple-warns-users-against-critical-memory-corrupting-attacks.html\">CVE-2024-23225 and CVE-2024-23296<\/a> which together allowed attackers to bypass kernel memory protection.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Apple has rolled out emergency patches for a bug affecting Webkit, the open-source web browser engine used primarily in Safari, against active exploitations in the wild. The vulnerability, CVE-2025024201, was reportedly exploited in zero-day attacks against targeted individuals. \u201cApple is aware of a report that this issue may have been exploited in an extremely sophisticated [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":2289,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-2288","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2288"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2288"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2288\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/2289"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2288"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}