Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw

913

•

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw (www.securityweek.com)

From the post:

>According to Apple’s advisories, the zero-days impact WebKit, the browser engine present in Safari, iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. One of the zero-days, CVE-2025-14174, has been described as a memory corruption issue, while the second, CVE-2025-43529, is a use-after-free bug. They can both be exploited using maliciously crafted web content to execute arbitrary code. Apple announced patches for CVE-2025-14174 and CVE-2025-43529 with the release of iOS and iPadOS 26.2, iOS and iPadOS 18.7.3, macOS Tahoe 26.2, Safari 26.2 for macOS, tvOS 26.2, watchOS 26.2, and visionOS 26.2.

Archive: https://archive.today/JTLAn From the post: >>According to Apple’s advisories, the zero-days impact WebKit, the browser engine present in Safari, iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. One of the zero-days, CVE-2025-14174, has been described as a memory corruption issue, while the second, CVE-2025-43529, is a use-after-free bug. They can both be exploited using maliciously crafted web content to execute arbitrary code. Apple announced patches for CVE-2025-14174 and CVE-2025-43529 with the release of iOS and iPadOS 26.2, iOS and iPadOS 18.7.3, macOS Tahoe 26.2, Safari 26.2 for macOS, tvOS 26.2, watchOS 26.2, and visionOS 26.2.

Be the first to comment!

Login or register