Apple released security updates on December 12, 2025 for several operating systems. The fixes address two critical flaws in the WebKit browser engine, identified as CVE-2025-43529 and CVE-2025-14174. Essas vulnerabilities allowed arbitrary code execution or memory corruption when processing malicious web content.
The company confirmed that the flaws were exploited in highly targeted attacks against specific individuals in previous versions of iOS. One of them, CVE-2025-14174, also affected the Chrome browser from Google, which received a separate fix on December 10.
The updates cover iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and Safari. Usuários must install the latest versions to mitigate risks.
Details of fixed vulnerabilities
CVE-2025-43529 is a use-after-free issue in WebKit. Essa flaw could allow attackers to execute arbitrary code on affected devices via crafted web pages.
Researchers at Google Threat Analysis Group identified and reported the issue to Apple. The exploit only required the victim to access malicious content in a browser.
CVE-2025-14174 involves memory corruption in the processing of web content. Ela has a CVSS score of 8.8, indicating high severity.
This same vulnerability impacted the ANGLE library on Chrome, with a correction coordinated between Apple and Google. Ambas the flaws affect WebKit, mandatory used in all browsers on iOS and iPadOS.
- Remote code execution without additional user interaction.
- Potential for installing spyware on target devices.
- Exploration limited to targeted, not mass, campaigns.
Updated versions and compatible devices
The fixes arrive through specific versions for each platform. Para iOS and iPadOS updates are iOS 26.2 and iPadOS 26.2, plus iOS 18.7.3 and iPadOS 18.7.3 for older models.
They cover iPhones from XS onwards, iPads from recent generations and compatible iPad minis. On macOS Tahoe 26.2, the update applies to Macs running that version.
- tvOS 26.2: Apple HD and 4K TV all models.
- watchOS 26.2: Apple Watch Series 6 and later.
- visionOS 26.2: Todos the models of Apple Vision Pro.
- Safari 26.2: Macs with macOS Sonoma or Sequoia.
Users receive updates automatically or can install them manually from software settings.
Context of zero-day explorations in 2025
With these fixes, Apple reaches nine zero-day vulnerabilities exploited in the year. Anteriormente, the company patched flaws such as CVE-2025-24085, CVE-2025-24200 and CVE-2025-24201 in early 2025.
Others included CVE-2025-31200, CVE-2025-31201, CVE-2025-43200 and CVE-2025-43300. Muitas of them involved components like Kernel or ImageIO.
The frequency of zero-days reflects the interest of advanced attackers in Apple ecosystems. Colaborações with groups like the Google TAG helped in quickly detecting these threats.
These incidents highlight the importance of regular updates on mobile and desktop devices.
Technical characteristics of WebKit
WebKit serves as the open-source rendering engine used in Safari. On iOS and iPadOS, all third-party browsers, including Chrome, Edge, and Firefox, depend on it due to security restrictions.
This makes WebKit flaws particularly critical for Apple users. Ataques can exploit alternative browsers without the need for malicious apps.
The ANGLE library, involved in CVE-2025-14174, handles WebGL graphics. Problemas in this layer affects rendering on multiple platforms.
Improvements in memory management resolve reported crashes.
Collaboration between Apple and Google
The joint discovery reflects coordination between security teams. The Google TAG and Apple SEAR worked together to identify CVE-2025-14174.
Google first patched the Chrome desktop on December 10th. Apple followed with extensive updates two days later.
This partnership accelerates responses to shared threats in open-source components. Explorações suggest use in mercenary spyware campaigns.
Other fixes in the same update
The updates include patches for more than 20 additional flaws in various components. Problemas in Kernel, like integer overflow, could allow privilege escalation.
Flaws in frameworks such as FaceTime, Messages and App Store also receive fixes. Algumas involved improper access to sensitive data.
- CVE-2025-46285: Overflow on Kernel with root potential.
- Issues on Screen Time exposing browsing history.
- Fixes in curl and other network modules.
These general improvements strengthen the overall security of the systems.
Recommendations for users
Experts advise immediate installation of available updates. On your iPhone or iPad, go to Ajustes > Geral > Atualização of Software.
On Macs, use Preferências of Sistema or Configurações to check for updates. Older Dispositivos receive extended support versions like iOS 18.7.3.
Maintaining regular backups complements protection measures. Evitar suspicious links reduce the risk of exploitation via the web. US Agência of Cibersegurança added one of the flaws to the catalog of known exploited vulnerabilities.
Evolution of threats to Apple devices
Exploitation of flaws in WebKit remains common in targeted attacks. In previous years, similar vulnerabilities made it easier to install surveillance tools.
Apple’s quick response limits the impact of these campaigns. The focus on sophisticated attacks indicates high-profile targets such as journalists or activists.
Continuous monitoring by internal and external teams keeps detection efficient.
