From PC Mag: Apple is patching a zero-day vulnerability in iPhones and iPads that could be exploited in "extremely sophisticated" attacks.
The vulnerability, dubbed CVE-2025-24201, was found in WebKit, Apple's open-source framework that helps render pages in Safari, Mail, App Store, and other apps. It can cause "maliciously crafted web content" to break out of the Web Content sandbox, Apple said in its release notes.
Apple says it's aware of the vulnerability being exploited in "an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2" and that the new security patch is a supplementary fix to the one released with iOS 17.2.
Devices at risk include the iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.
View: Full Article
