Apple issues fixes for vulnerabilities in both old and new OS versions

Apple released security updates Monday to address software defects in the latest version of the company’s Safari browser and other applications across iOS, iPadOS and macOS. 

The security issues addressed across the latest versions of Apple’s most popular platforms include 62 vulnerabilities affecting iOS 18.4 and iPadOS 18.4, 131 vulnerabilities affecting macOS Sequoia 15.4 and 14 vulnerabilities affecting Safari 18.4.

The batch of software defects addressed by Apple includes CVE-2025-24221, which could make sensitive keychain data accessible from an iOS backup, and CVE-2025-24245, which could allow an attacker to use a malicious application to access a user’s saved passwords in macOS.

Apple also released security updates in older versions of its operating systems to address two actively exploited zero-day vulnerabilities it identified and released emergency software patches for March 11. 

A zero-day vulnerability in the company’s WebKit web browser engine, tracked as CVE-2025-24201, can allow an attacker to break out of WebKit’s Web Content sandbox and potentially conduct unauthorized actions. The second zero-day, CVE-2025-24200, can allow an attacker with physical access to disable USB Restricted Mode on a locked device.

Apple said both zero-days were actively exploited in an “extremely sophisticated attack against specific target individuals.” Apple released security updates Monday to address the zero-days in iOS 15.8.4 and 16.7.11, and iPadOS 15.8.4 and 16.7.11, versions of the company’s operating systems that power previous generation iPhones and iPads.

More information about Apple’s latest security updates are available on its website.