Apple Urges Immediate Updates as Zero Day WebKit Flaws Threaten iPhone and iPad Users
Apple has suddenly issued an urgent security warning to all iPhone and iPad users around the world, advising them to install the latest software updates, as it has discovered two critical zero-day vulnerabilities that are actively being used in highly sophisticated attacks.
The vulnerabilities were discovered within WebKit, the browser engine behind Safari and every browser on iOS and iPadOS. The bugs could be used by malicious websites to run malicious code on a device, potentially enabling attackers to hijack controls without users knowing or acting.
What’s at Stake?
The vulnerabilities were classified as zero day, meaning they were previously unknown to developers at the time of exploitation. Apple and Google's Threat Analysis Group security researchers confirmed the bugs were already being used to target specific individuals.
Devices most at risk include:
🔹iPhone 11 and later
🔹iPad Pro 12.9-inch (3rd generation and later)
🔹iPad Pro 11-inch (1st generation and later)
🔹iPad Air (3rd generation and later)
🔹iPad (8th generation and later)
🔹iPad mini (5th generation and later)
The Fix
Apple has released patches across its entire ecosystem, including:
🔹iOS 26.2 / iPadOS 26.2
🔹iOS 18.7.3 / iPadOS 18.7.3
🔹macOS Tahoe 26.2
🔹Safari 26.2
🔹tvOS, watchOS, and visionOS 26.2
One of these vulnerabilities is a "use after free" memory vulnerability, CVE-2025-43529, while another is a memory corruption vulnerability, CVE-2025-14174. These issues were both resolved through enhanced memory management.
Already protected may be users who turn on the updates automatically. others update manually by clicking setting –> General –> Software update.
How to Stay Safe?
According to cybersecurity specialists, the most important protection against a zero day attack is the latest updates. Other safety precautions are as follows:
- Allow automatic updates on all Apple devices
- Refrain from opening unexpected links sent via text messages, emails, or messaging services
- Type the address of websites by hand if there is a question about the validity of a link
- Use reputable security software to scan for phishing emails and malware
- Control internet exposure through restricting online sites accessed.online reduce exposure
Restricting
Apple made clear that they do not release information about the security until investigations are completed and patches can be provided and this issue is very severe.
In summary: “If you have an iPhone or iPad, update now. Waiting even a day or two could put your device at risk for one of the most common and dangerous types of computer attacks.”
