Apple Releases Security Updates for Multiple Products
Security updates include remediation for exploited vulnerability CVE-2025-24201, which affects iOS, iPadOS, and macOS
Summary
Security updates include remediation for exploited vulnerability CVE-2025-24201, which affects iOS, iPadOS, and macOS
Affected platforms
The following platforms are known to be affected:
Threat details
Exploitation of CVE-2025-24201
The security update addressing CVE-2025-24201 is a supplementary fix for an exploited vulnerability that was addressed in iOS 17.2. Apple is aware of a report that 'this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2'.
Introduction
Apple has released security updates to address an exploited vulnerability in multiple Apple products. CVE-2025-24201 is an 'out-of-bounds write' vulnerability that could allow an attacker with maliciously crafted web content to break out of Web Content sandbox.
The security update addressing CVE-2025-24201 is a supplementary fix for an exploited vulnerability that was addressed in iOS 17.2. Apple is aware of a report that 'this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2'.
CVE-2025-24201 also listed in Google Chrome Releases Stable Channel for Desktop Update
Google Chrome Releases Stable Channel for Desktop has included CVE-2025-24201 as being an 'Out of bounds write in GPU on Mac' vulnerability and has started releasing security updates for 134.0.6998.89 for Mac.
Google is aware of reports that an exploit for CVE-2025-24201 exists in the wild.
Remediation advice
Affected organisations are encouraged to review Apple security releases and apply the relevant updates.
Remediation steps
| Type | Step |
|---|---|
| Patch |
Safari 18.3.1 | 122285 https://support.apple.com/en-us/122285 |
| Patch |
iOS 18.3.2 and iPadOS 18.3.2 | 122281 https://support.apple.com/en-us/122281 |
| Patch |
macOS Sequoia 15.3.2 | 122283 https://support.apple.com/en-us/122283 |
| Patch |
visionOS 2.3.2 | 122284 https://support.apple.com/en-us/122284 |
Definitive source of threat updates
Last edited: 12 March 2025 4:34 pm