Apple’s first iOS 26 security update fixes memory corruption flaw
Apple has pushed the first security update for its newest iPhone operating system, iOS 26, fixing a single, medium-severity vulnerability, assigned the designation CVE-2025-43400, affecting Apple FontParser, a component in Apple operating systems that enables font processing.
“FontParser is the system that interprets font files, so characters can be rendered across applications, documents and the web,” said Sylvain Cortes, vice-president of strategy at Hackuity, a security exposure management specialist. “As these files are often loaded automatically from documents, emails or websites, vulnerabilities here are high risk,” he explained.
CVE-2025-43400 is an out-of-bounds write issue which is exploited when a vulnerable device processes a maliciously crafted font hidden in an otherwise seemingly benign piece of content. Affected devices may experience unexpected behaviours such as sudden app termination or process memory corruption.
While app crashes are more often annoying than dangerous, process memory corruption is particularly hazardous as, given the right circumstances, it could form part of an attack chain by leading to behaviour that may enable an attacker to gain unauthorised system access, exfiltrate data, or even achieve remote code execution (RCE) further down the line.
According to Johannes Ullrich of the SANS Technology Institute, it is unclear whether CVE-2025-43400 is exploitable for RCE; however, there remains a chance that successful exploitation of CVE-2025-43400 could lead to ransomware attacks.
In a typically bare-bones announcement – Apple does not offer much detail on vulnerabilities in its mobile products lest they be exploited to target its vast user base – the supplier gave no indication as to whether or not CVE-2025-43400 is being exploited in the wild.
Historically, many security vulnerabilities uncovered in Apple’s mobile operating system have had significant impacts, with many being weaponised in targeted espionage and surveillance activities by spyware-makers and unsavoury governments.
“Although no active exploitation has been observed in the wild, users and enterprises should immediately apply the latest updates across all Apple devices to minimise exposure to attacks,” said Cortes.
Adam Boynton, senior security strategy manager for EMEIA at Apple device management specialist Jamf, echoed this sentiment and urged security managers not to be lulled into a false sense of complacency.
“Because the issue has the potential to cause service disruptions or undermine system stability, we strongly recommend updating to iOS 26.0.1 at your earliest convenience,” he said. “Organisations should ensure fleet devices are kept current, enforce compliance, and monitor for OS update roll-out status.”
The update takes iOS 26 to version 26.0.1 and, as usual, users whose devices have not automatically applied it can find it by navigating to their device Settings, followed by General, Software Update, and Download and Install.
CVE-2025-43400 is also fixed in iOS 18.7.1, iPadOS 26.0.1 and 18.7.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1, macOS Tahoe 26.01.1, and visionOS 26.0.1.
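As an added example (not code from the article, Apple, Hackuity or Jamf), the Python check below implements the fleet compliance monitoring Boynton describes: it compares each device's OS version against the first fixed version on its branch, using the fix list above. The inventory rows are constructed sample data, and the macOS Tahoe entry printed above as "26.01.1" is read here as 26.0.1 (an assumption).

```python
"""Fleet compliance check for CVE-2025-43400 (added example, not from the article)."""
from typing import Optional

# platform -> (branch major, first version on that branch carrying the fix).
# iOS/iPadOS and macOS are patched on several parallel branches, so the
# required version depends on which branch a device is on.
# macOS Tahoe is listed in the article as "26.01.1"; assumed to mean 26.0.1.
FIXED_VERSIONS = {
    "iOS":      [(18, (18, 7, 1)), (26, (26, 0, 1))],
    "iPadOS":   [(18, (18, 7, 1)), (26, (26, 0, 1))],
    "macOS":    [(14, (14, 8, 1)), (15, (15, 7, 1)), (26, (26, 0, 1))],
    "visionOS": [(26, (26, 0, 1))],
}

def parse_version(s: str) -> tuple:
    """Turn '18.7.1' or '26.0' into a 3-part integer tuple for comparison."""
    parts = [int(p) for p in s.split()[0].split(".")]
    return tuple(parts + [0] * (3 - len(parts)))[:3]

def is_patched(platform: str, version: str) -> Optional[bool]:
    """True if the device is at or past the fixed version for its branch,
    False if it is behind, None if the platform/branch is not in the fix
    list (treat None as 'needs manual review', never as compliant)."""
    v = parse_version(version)
    for major, fixed in FIXED_VERSIONS.get(platform, []):
        if v[0] == major:
            return v >= fixed
    return None

def noncompliant(inventory: list) -> list:
    """Return inventory rows that are not confirmed patched."""
    return [r for r in inventory if is_patched(r["platform"], r["version"]) is not True]

# Constructed sample inventory (hypothetical device names and versions).
SAMPLE_INVENTORY = [
    {"device": "iphone-01", "platform": "iOS",    "version": "26.0.1"},
    {"device": "iphone-02", "platform": "iOS",    "version": "26.0"},
    {"device": "iphone-03", "platform": "iOS",    "version": "18.7.1"},
    {"device": "ipad-01",   "platform": "iPadOS", "version": "18.6"},
    {"device": "mac-01",    "platform": "macOS",  "version": "15.7.1"},
    {"device": "mac-02",    "platform": "macOS",  "version": "14.8"},
    {"device": "mac-03",    "platform": "macOS",  "version": "13.7"},  # branch not in fix list
]

if __name__ == "__main__":
    for row in noncompliant(SAMPLE_INVENTORY):
        print(f"{row['device']}: {row['platform']} {row['version']} -> not confirmed patched")
```

Devices on a branch Apple did not list (such as the macOS 13 row) come back as None and are reported alongside the unpatched ones, so they are not silently counted as compliant.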
Benign bugs
Apple dropped iOS 26 on 15 September 2025, and in addition to the security fix, the new update also addresses some rather more benign, albeit irritating, bugs, including issues with Bluetooth, 5G and Wi-Fi connectivity on some models, and problems with app icon displays and device cameras.