Apple’s Latest Security Patch Fixes a Zero-Day Vulnerability Targeting Chrome
When Apple abandoned iOS 18.6 this week, he did not send a lot of new features and changes. Indeed, when you update your iPhone, it will appear exactly as it has executed iOS 18.5. Under the hood, however, the update has introduced more than 20 corrections for security vulnerabilities on iOS, making it a significant security update for all compatible devices.
When Apple published its security tickets for the update, that did not indicate whether one of the faults was zero day – in other words, if one of the faults had been operated or disclosed publicly before a fix was easily available. This puts the user to an advantage, as he suggests that bad players have not understood how to take advantage of the now fixed faults. However, it turns out that one of these faults was actively used – not against an Apple product.
The vulnerability in question is followed as CVE-2025-6558. According to Apple’s version notes, this is a defect that could crash safari when processing malicious web content. As Apple indicates, vulnerability is not a specific defect in iOS; It is rather a vulnerability in the open source code, and Apple software is affected.
Although Apple claims that this vulnerability has not been used against Apple software, at least when the version notes have been published, software that seems to have been actively exploited using this defect is Google Chrome. As indicated by Bleeping Computer, CVE-2025-6558 can allow bad players to execute their own code in the Chrome GPU process when visiting malware. This could allow hackers to enter the operating system of the target machine. If you use an Apple product, it would mean that iOS, macOS, iPados, Tvos, Visionos or Watchos could be compromised from this attack. (Apple has published security updates for all these ESOs, respectively.)
The defect is a serious matter: the Cybersecurity and Infrastructure Security Agency (CISA) has listed this flaw among its known vulnerability catalog, and now requires that federal agencies update their software by August 12.
What do you think so far?
Protect your devices from this zero day
To ensure that you protect your devices from this vulnerability, you will want to update all the affected hardware and software. This means that you will want to update all Apple to iOS 18.6 devices, and if you use Chrome or a chrome -based browser (like Microsoft Edge or Opera), you will want to update it to the latest version.
You can usually install Apple updates, as on an iPhone, from Settings> General> Software update. On Chrome, click on the three points at the top right, then go to Help> on Google Chrome.
