If you own an iPhone or iPad, it’s time to stop what you’re doing and update your device.
A newly discovered security flaw, CVE-2025-24201, could leave your personal information vulnerable to hackers.
The good news? Apple has released iOS 18.3.2 and iPadOS 18.3.2 to fix the issue. Let me explain what all this means for you and how you can stay protected.
IOS 18.3.2 software update on iPhone (Kurt “CyberGuy” Knutsson)
What is CVE-2025-24201?
This vulnerability resides in WebKit, the open-source browser engine that powers Safari, Mail, App Store and other apps on Apple devices. The flaw is an out-of-bounds write issue, which allows attackers to use maliciously crafted web content to bypass the Web Content sandbox, a key security layer that isolates web content from accessing sensitive system resources. Apple has acknowledged that this vulnerability may have been exploited in highly advanced attacks targeting specific individuals using older versions of iOS before 17.2. These attacks are believed to involve well-funded threat actors, such as state-sponsored hackers or advanced cybercriminal groups.
Why does this matter?
Zero-day vulnerabilities like CVE-2025-24201 are particularly dangerous because they are exploited before developers can patch them. In this case, the attacks were highly targeted, meaning most users are unlikely to have been affected directly. However, these incidents underscore the importance of regularly updating your devices to stay protected against evolving threats.
HOW TO PROTECT YOUR IPHONE & IPAD FROM MALWARE
Who is affected?
The vulnerability impacts a wide range of Apple devices, including:
- iPhone XS and later
- iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and late-r, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later and iPad mini 5th generation and later.
If you own any of these devices, it’s crucial to update your software immediately.
What is Apple doing about it?
Apple released emergency patches on March 11, 2025, as part of iOS 18.3.2 and iPadOS 18.3.2 updates. These updates introduce improved checks to prevent unauthorized actions caused by the vulnerability. This patch is a supplementary fix for an earlier attack mitigated in iOS 17.2.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Software update notice (Kurt “CyberGuy” Knutsson)
YOUR IPHONE HAS A HIDDEN FOLDER EATING UP STORAGE SPACE WITHOUT YOU EVEN KNOWING
How to update your software on iPhone
- Go to Settings
- Tap General
- Click Software Update
- Download and install the latest update
- Your iPhone will restart once the update is complete
Steps to update software on iPhone (Kurt “CyberGuy” Knutsson)
GET FOX BUSINESS ON THE GO BY CLICKING HERE
How to update your software on iPad
- Go to the Settings app on your iPad
- Tap General
- Then click Software Update
- Tap Download and Install to begin the update process
- Enter your passcode if prompted and agree to the terms and conditions
- The update will download and install
- Your iPad will restart once the update is complete
Additional security measures to protect your iPhone and iPad
1. Enable two-factor authentication: Turn on two-factor authentication for your Apple ID to add an extra layer of security to your account.
2. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
3. Use a strong passcode: Set up a strong alphanumeric passcode instead of a simple four-digit PIN. Avoid using easily guessable information like birth dates.
4. Enable face ID or touch ID: Utilize biometric authentication to prevent unauthorized access to your device.
5. Manage app permissions: Regularly review and adjust app permissions to ensure they only access necessary data.
6. Secure lock screen notifications: Disable or limit sensitive information displayed in lock screen notifications.
7. Use Apple’s App Privacy Report: Apple’s App Privacy Report is a powerful tool that allows iPhone users to monitor how apps access their data and interact with third-party services. This feature provides valuable insights into app behavior, helping you make informed decisions about your privacy.
8. Download apps from official sources: Only install apps from the Apple App Store to avoid potential malware.
9. Keep your Apple ID secure: Never share your Apple ID or password with others, even family members.
10. Enable Find My iPhone: Ensure Find My iPhone is activated to help locate your device if it’s lost or stolen.
11. Invest in a password manager: To go beyond iCloud’s keychain for increased security, you’ll want to invest in a password manager. These are created specifically for the protection of passwords and include features for important documents and photos. This is also beneficial when sharing private data with family members. Get more details about my best expert-reviewed password managers of 2025 here.
Kurt’s key takeaways
While it might be tempting to put off updates, you don’t want to delay this one. CVE-2025-24201 is a serious threat that’s already been used in the wild. Sure, you might not be a high-profile target, but why take chances with your personal data? Updating your device is like giving it a digital suit of armor, and it only takes a few minutes. So, hit that update button and give yourself some peace of mind.
CLICK HERE TO GET THE FOX NEWS APP
Do you think Apple is doing enough to stay ahead of evolving cyber threats, or are there additional steps the company should take to protect its users? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Alert:
Copyright 2025 CyberGuy.com. All rights reserved.
