Apple has just released an emergency security update to fix a zero-day vulnerability that, according to the company, had already been exploited in "extremely sophisticated" attacks. This flaw, identified as CVE-2025-24201, affects WebKit, the engine behind the Safari browser and many other applications on macOS, iOS, and even systems like Linux and Windows.
What's concerning is that this vulnerability appears to be linked to an attack that was previously blocked in iOS 17.2, suggesting that some users running earlier iOS versions may have been at risk without knowing it.
If you own an iPhone, iPad, or Mac, this is something you should pay attention to. In this article, we’ll explain what happened, why this vulnerability is dangerous, and — most importantly — what you can do to stay protected.
Apple released a new update to address this serious zero-day vulnerability, known as CVE-2025-24201. According to Apple, attackers could exploit this flaw by using malicious web content designed to bypass the security restrictions that normally isolate web content.
The issue was linked to an out-of-bounds write error, which cybercriminals can exploit to execute unauthorized actions. Apple resolved the problem by improving security checks in its latest updates:
The list of affected devices is quite extensive and includes both older and newer models:
So far, Apple has not disclosed who discovered this vulnerability or provided specific details about the "extremely sophisticated" attacks linked to it.
While this vulnerability seems to have been exploited mainly in targeted attacks (likely against specific individuals), Apple strongly recommends updating your devices as soon as possible to prevent other attackers from attempting to exploit the same flaw.
Read More: March 2025 Patch Tuesday Microsoft Security Updates
Unfortunately, yes. This is already the third zero-day vulnerability Apple has patched this year. The previous two were:
Last year, Apple fixed six similar zero-day vulnerabilities, and in 2023, the company addressed as many as 20 zero-day flaws. This shows that while Apple is known for its robust security measures, cybercriminals are constantly working to find new ways to bypass them.
The best advice is simple: update your device right away. These updates not only fix this specific vulnerability but also enhance overall security to keep you safe from future threats. Taking a few minutes to update now could save you from potential headaches down the road.