If you own an Apple device, there's a good chance an important security update is available, one that addresses an "extremely sophisticated attack" zero-day security flaw that's being actively exploited in the wild. Your Apple Watch and AirPods are not affected, but practically every other device is, including several generations of iPhone and iPad models, certain Mac systems (like the new
M4-powered MacBook Air), and even the
Vision Pro.
Each of the individual devices updates (iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, visionOS 2.3.2, and Safari 18.3.1) address the same security flaw, tracked as
CVE-2025-24201, which is described as an out-of-bounds write issue in WebKit, the open-source browser engine that powers Safari. Left unpatched, a determined and savvy hacker could break free of sandbox controls to access a compromised device and wreak havoc.
"Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.),"
Apple explains.
What Devices Are Affected And How To Update
Here are the devices affected:
- iPhone XS and later
- iPad Pro 13-inch
- iPad Pro 12.9-inch 3rd gen and later
- iPad Pro 11-inch 1st gen and later
- iPad Air 3rd gen and later
- iPad 7th gen and later
- iPad mini 5th gen and later
- macOS Ventura (Safari browser)
- macOS Sonoma (Safari browser)
- macOS Sequoia
- Vision Pro
If you own any of the affected devices, your best bet is to check for and install the latest update as soon as you can. On iPhone, iPad, Mac, and Vision Pro devices, that entails going to Settings > General > Software Update and hitting Update Now. While you're there, it's a good idea to ensure to also Automatic Updates and make sure the toggles are flipped on.
As always, it's a good idea to back up your data first. Security updates don't typically go awry, but you know what they say about an ounce of prevention...(it's worth a pound of cure, in case you're stumped).
Some of the updates may go beyond the supplemental zero-day patch. On our iPhone 16 Pro Max, for example, the update message (shown above) indicates that iOS 18.3.2 also contains a fix for an issue that can prevent streaming content from playing.