Apple has released iOS 18.6, an update that doesn’t change the appearance of your iPhone but is crucial for security, addressing over 20 vulnerabilities across iOS devices. Initially, it seemed none of these were zero-day flaws—vulnerabilities already exploited or publicly known before a patch was available. However, it was later revealed that one flaw, CVE-2025-6558, was actively exploited, not against Apple products but Google Chrome. This vulnerability could crash Safari with malicious web content and allow hackers to execute code within Chrome’s GPU process, potentially compromising the operating system of a target device. Apple has issued updates for all its operating systems, including iOS, macOS, iPadOS, tvOS, visionOS, and watchOS, to mitigate this risk. The Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the seriousness of this flaw, mandating federal agencies to update their software by August 12. To protect your devices, users are advised to update all Apple devices to iOS 18.6 and ensure Chrome or any Chromium-based browser is updated to the latest version. Updates can be installed on Apple devices via Settings > General > Software Update, and on Chrome through Help > About Google Chrome.
Has Apple’s latest update fixed a Chrome-targeting zero-day vulnerability?
