You Need to Update Your iPhone or Mac Right Now. Here’s Why…
It’s that time again—the mad scramble to refresh your Apple devices to patch two zero-day exploits under active attack. Zero-day exploits are now exposed in Apple’s operating systems multiple times a year—we’re at seven for 2022—and although Apple devices typically remain more secure than Windows, iOS and macOS aren’t the absolute bastions of impenetrability they once were.
Apple Patches Zero-Day Exploit Affecting Kernel and WebKit
On 19 August 2025, Apple released two security alerts: one foriOS and iPadOSand one formacOS. Both alerts concern Apple Webkit, the open-source browser engine powering Safari and heaps of other apps, and the kernel, which is effectively the core of the operating system and serves as a bridge between your hardware and software. Furthermore, although Apple issued two security warnings, the vulnerabilities are the same across each Apple operating system.
The first vulnerability, tracked asCVE-2022-32894(the CVE information isn’t fully published at the time of writing, but it will update), could allow an attacker to execute malicious code with kernel privileges. This means the malicious code would run with the highest level of access on a system, meaning it can perform any command and access any and all data.
The second vulnerability, tracked asCVE-2022-32893(again, the CVE information will update later), affects the Apple WebKit and could allow an attacker to execute malicious code within the web browser and other apps that use WebKit.
While Apple did detect some exploitation of these vulnerabilities, they didn’t reveal how many devices were breached. However, it did provide a list of devices affected by the vulnerabilities:
As you might expect, we strongly suggest youpatch your Apple devicesas soon as possible.
What Is a Zero-Day Exploit?
A zero-day exploitis a previously unreleased security vulnerability an attacker uses to breach a site, service, or otherwise. As the security and tech companies are unaware of its existence, it remains unpatched and vulnerable.
In this specific example, a security researcher reached out to Apple after discovering the exploits and advised them to patch immediately, otherwise an attacker could exploit them and run malicious code on a target device.
Zero-day vulnerabilities are difficult to protect against due to their very nature. Security researchers are often the first people to figure out a zero-day vulnerability and typically disclose findings to the company involved to make sure it is patched before the vulnerability is exposed. However, that isn’t always the case.
How to Patch macOS, iOS, and iPadOS
If you own any of the devices listed in the above section, you should update as soon as possible. Apple has already released the security update fixing the kernel and WebKit vulnerabilities, and they don’t take long to install.
On iOS and iPadOS:
Go Forth and Patch Your Apple Devices
It’s always best to keep your devices up to date, whether using Apple, Windows, Linux, or otherwise. Although zero-day vulnerabilities are difficult to protect against, they’re often used in targeted attacks on specific devices. Now, that doesn’t mean you should get complacent and think your device will be the special one, but patching as soon as a security update becomes available is always the best option.
Here’s how to partition an external hard drive for Time Machine on your Mac so you can store other files too.
Freeing up vital memory on Windows only takes a moment, and your computer will feel much faster once you’re done.
Not all true crime is about hacking, slashing, and gore.
You’re not getting the most out of what you pay for iCloud+.
You can’t call this offline, Notion.
My iPhone does it all, but I still need my dumb phone.
