Security News > 2025 > March > Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
2025-03-12 04:02
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks. The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component. It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it
News URL
https://thehackernews.com/2025/03/apple-releases-patch-for-webkit-zero.html
Related news
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Broadcom fixes three VMware zero-days exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-11 | CVE-2025-24201 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. | 8.8 |