Key Takeaways
- Apple has released security updates for its operating systems and Safari web browser to address two security flaws that have been exploited in the wild.
- The vulnerabilities, CVE-2025-43529 and CVE-2025-14174, affect the WebKit rendering engine and may lead to arbitrary code execution or memory corruption.
- The flaws have been patched in the latest versions of iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and Safari.
- Apple has now patched nine zero-day vulnerabilities that were exploited in the wild in 2025.
- The vulnerabilities were likely used in highly targeted mercenary spyware attacks, given that they affect WebKit and were exploited in the wild.
Introduction to the Security Updates
Apple has released security updates for its operating systems, including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS, as well as its Safari web browser. The updates address two security flaws, CVE-2025-43529 and CVE-2025-14174, which have been exploited in the wild. The vulnerabilities affect the WebKit rendering engine, which is used in all third-party web browsers on iOS and iPadOS, including Chrome, Microsoft Edge, and Mozilla Firefox. According to Apple, the vulnerabilities may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
Details of the Vulnerabilities
The first vulnerability, CVE-2025-43529, is a use-after-free bug in WebKit that may lead to arbitrary code execution when processing maliciously crafted web content. The second, CVE-2025-14174, is a memory corruption issue in WebKit that can be triggered when processing maliciously crafted web content. The latter is the same flaw that Google patched in its Chrome browser on December 10, 2025; it has been described as an out-of-bounds memory access in Google's open-source Almost Native Graphics Layer Engine (ANGLE) library, specifically in its Metal renderer. Apple Security Engineering and Architecture (SEAR) and Google Threat Analysis Group (TAG) are credited with discovering and reporting CVE-2025-14174, while Apple credited TAG with finding CVE-2025-43529.
Impact of the Vulnerabilities
Because WebKit underlies every third-party web browser on iOS and iPadOS, and because both flaws were exploited in the wild, they were likely used in highly targeted mercenary spyware attacks. The vulnerabilities have been addressed in the latest versions of iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and Safari. The updates are available for a range of devices, including iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later. They are also available for Macs running macOS Tahoe, Apple TV HD and Apple TV 4K, Apple Watch Series 6 and later, and Apple Vision Pro.
Previous Zero-Day Vulnerabilities
With these updates, Apple has now patched nine zero-day vulnerabilities that were exploited in the wild in 2025. The previous seven are CVE-2025-24085, CVE-2025-24200, CVE-2025-24201, CVE-2025-31200, CVE-2025-31201, CVE-2025-43200, and CVE-2025-43300. That so many in-the-wild zero-days were patched in a single year underlines the importance of installing updates promptly and of continued security research. By releasing regular security updates, Apple helps protect its users from sophisticated attacks and maintains the security and integrity of its operating systems and applications.
Conclusion
The security updates released by Apple address two serious flaws that have been exploited in the wild. Both affect the WebKit rendering engine, may lead to arbitrary code execution or memory corruption, and were likely used in highly targeted mercenary spyware attacks. By patching them, Apple helps protect its users from sophisticated attacks and maintains the security and integrity of its operating systems and applications. Users should keep their software up to date so that they have the latest security patches and are protected from these threats.