Apple Releases iOS 18.3.2, macOS 15.3.2 Updates to Fix Security Flaw That Enabled ‘Extremely Sophisticated Attack’

Apple on Tuesday rolled out necessary safety patches for iOS 18, iPadOS 18, and macOS Sequoia. The firm says that the newest software program releases embody a repair for a safety vulnerability that was utilized by hackers to focus on some people. This is the third time this 12 months that Apple has issued safety updates for a severe safety flaw. Users can replace eligible iPhone, iPad, and Mac computer systems to the newest variations, which addresses the flaw in Apple’s browser engine.

iOS 18.3.2, iPadOS 18.3.2 and macOS 15.3.2 Fix Serious WebEquipment Security Flaw

The firm’s release notes for iOS 18.3.2 and iPadOS 18.3.2 reveal that the updates embody a repair for one notable safety flaw that impacts WebEquipment, the browser engine used on Safari. This zero-day safety flaw (CVE-2025-24201) has additionally been resolved with the macOS Sequoia 15.3.2 and visionOS 2.3.2 updates.

Apple says that the WebEquipment safety vulnerability allowed maliciously crafted net content material to flee the Web Content sandbox. The firm explains that this out-of-bounds challenge may enable hackers to realize entry to a consumer’s system and carry out unauthorised actions.

It’s additionally price noting that Apple has mentioned it’s conscious that the safety flaw “could have been exploited in an especially subtle assault in opposition to particular focused people on variations of iOS earlier than iOS 17.2.”. The flaw was first mounted within the iOS 17.2 update that rolled out to customers in December 2023.

Last month, Apple launched iOS 18.3.1 and iPadOS 18.3.1 with a repair for a safety flaw that allowed attackers to disable USB Restricted Mode on a locked system. At the time, the corporate mentioned that it was conscious the vulnerability was used to focus on particular folks, utilizing an extraordinarily subtle assault.

The firm additionally launched iOS 18.3, iPadOS 18.3.1, and macOS 15.3 with fixes for a safety flaw that allowed a malicious software to realize elevated privileges on a consumer’s system. Apple said that the flaw was used to focus on customers with units working iOS 17.2 or older variations of its iOS working system.