Apple has announced the release of iOS 18.3.2 and iPadOS 18.3.2 on Tuesday. These unscheduled updates aim to fix a significant software vulnerability and enhance security for iPhone and iPad users.
The devices eligible for this update include the iPhone XS and newer models, alongside various iPad models, including the iPad Pro (13-inch and 12.9-inch 3rd generation and later), iPad Air (3rd generation and later), and iPad mini (5th generation and later). The update addresses a specific security flaw identified as CVE-2025-24201.
This vulnerability could potentially allow maliciously crafted web content to escape a Web Content sandbox, which is designed to prevent websites from accessing sensitive data or disrupting the device’s operating system. Attackers could exploit this vulnerability to steal personal information, install harmful software, or carry out other malicious activities.
Apple confirmed awareness of reports indicating that this flaw had been exploited in an advanced targeted attack against select individuals using earlier versions of iOS before iOS 17.2. The company stated, “An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions.”
To install the update, users can navigate to Settings > General > Software Update and follow the prompts. Additionally, those enrolled in the iOS 18 beta program have received the iOS 18.4 beta 3 update, which includes bug fixes and improvements for overall performance.
While no major new features are expected from this beta, one notable change is the renaming of a menu option in Apple Wallet to “Preauthorized Payments.” This feature allows users to manage merchants authorized to charge their Apple Pay accounts for subscriptions or other recurring payments seamlessly.