Apple lately issued a experience of system updates for patch a zero-day exploit used to hit Google Chrome customers. The vulnerability, monitored as CVE-2025-6558, was found in June by the evaluation group of Google threats (tags), which mentioned she was actively exploited in nature.
Which Apple working methods have been patchrated?
Google Chrome is on the market on numerous Apple gadgets, so the patches have been launched for these working methods:
- MacOS sequoia 15.6
- iOS 18.6
- IPados 18.6
- Tvos 18.6
- IPados 17.7.9
- Visionos 2.6
- Watchos 11.6
Some working methods are used on a number of gadgets. For instance, iPados 18.6 is current in every era of iPad Pro 11 inch and 13 inches, however is used solely within the third era and subsequently of the iPad Pro 12.9 inches. It can be used within the third era iPad Air or subsequently, within the iPad mini fifth era or subsequently and within the iPad Sevenh Generation or later.
There is the same vulnerability in Apple’s safari, even whether it is recognized solely to arrest the online browser. According to Apple, the exploit has not been used to assault Safari customers.
How hackers used the chrome exploit
The CVE-2025-6558 bug makes use of the validation contained in the nook (nearly native graphic engine), which is utilized in Chrome’s rendering pipeline. Once compromised, hackers can not create dangerous net pages to carry out the code throughout the browser’s GPU course of, permitting them to bypass the inner ensures which can be supposed to separate the processes of the online browser from the working system processes. This can probably grant the striker excessive entry to the system.
A publish on the weblog of twenty-two July by the Office of Information Technology Services with New York State Readings, partially: “Multiple vulnerabilities have been found in Google Chrome, essentially the most critical of which may enable the arbitrary execution of the code.
Who is behind the assault?
The Google tag has not but attributed CVE-2025-6558 to any group of attackers or particular threats, however the crew usually studies of threats associated to hackers sponsored by the state.
On July 15, Google launched its patch for Chrome who lined the patch variations 138.0.7204.157/.158 for Windows and MacOS and 138.0.7204.157 for Linux.
Protect Apple and Google customers from the most recent threats
The final vulnerability marks the sixth Exploit to zero days patched by Apple in 2025 to date, and it’s potential that we’ll see Thai extra yr. As all the time, Apple recommends downloading and putting in the most recent updates as quickly as they’re made obtainable to the general public.
The United Kingdom is fixing daring precedents on how cell platforms work and who controls them. Read our protection of the final transfer of the competitors and the markets of the Authority in opposition to Big Tech.
