{"id":8166,"date":"2025-11-04T10:04:12","date_gmt":"2025-11-04T10:04:12","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/11\/04\/apple-patches-multiple-critical-vulnerabilities-in-ios-26-1-and-ipados-26-1\/"},"modified":"2025-11-04T10:04:12","modified_gmt":"2025-11-04T10:04:12","slug":"apple-patches-multiple-critical-vulnerabilities-in-ios-26-1-and-ipados-26-1","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/11\/04\/apple-patches-multiple-critical-vulnerabilities-in-ios-26-1-and-ipados-26-1\/","title":{"rendered":"Apple Patches Multiple Critical Vulnerabilities in iOS 26.1 and iPadOS 26.1"},"content":{"rendered":"

Apple Patches Multiple Critical Vulnerabilities in iOS 26.1 and iPadOS 26.1
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

Apple released iOS 26.1 and iPadOS 26.1, addressing multiple vulnerabilities that could lead to privacy breaches, app crashes, and potential data leaks for iPhone and iPad users.<\/p>\n

The update targets devices starting from the iPhone 11 series and various iPad models, including the iPad Pro (3rd generation 12.9-inch and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (8th generation and later), and iPad mini (5th generation and later).<\/p>\n

This release underscores Apple\u2019s ongoing commitment to rapid response against evolving threats, especially as cyber risks intensify in an era of advanced malware and targeted attacks.<\/p>\n

The patches address over 50 issues across core components like WebKit, the Kernel, and Accessibility features. Many stem from memory corruption risks, privacy issues, and sandbox escapes, which could allow malicious apps to snoop on user data or destabilize the system.<\/p>\n

Security researchers from ByteDance, Trend Micro\u2019s Zero Day Initiative, Google, and independent experts discovered most flaws, highlighting the collaborative nature of vulnerability hunting in the iOS ecosystem.<\/p>\n

Key Privacy and Sandbox Vulnerabilities Patched<\/strong><\/h2>\n

Several fixes focus on preventing apps from overstepping boundaries, a common vector for data theft. For instance, in Accessibility (CVE-2025-43442), a permissions flaw let apps detect other installed applications, potentially enabling fingerprinting.<\/p>\n

Apple mitigated<\/a> this with stricter restrictions. Similarly, the Apple Account component (CVE-2025-43455) blocked malicious apps from screenshotting sensitive info in embedded views through enhanced privacy checks.<\/p>\n

In the Kernel and Apple Neural Engine, memory handling improvements (CVE-2025-43398, CVE-2025-43447, CVE-2025-43462) prevent unexpected crashes or kernel corruption, which could lead to denial-of-service attacks<\/a>.<\/p>\n

Assets and CloudKit updates (CVE-2025-43407, CVE-2025-43448) reinforce sandbox integrity by validating symlinks more rigorously and preventing apps from escaping their confines to access protected files.<\/p>\n

Contacts and Photos also received logging and temporary file tweaks (CVE-2025-43426, CVE-2025-43391) to redact sensitive data and curb unauthorized access. A notable fix in Stolen Device Protection (CVE-2025-43422) adds logic to prevent physical attackers from disabling the feature, vital for protecting lost or stolen devices.<\/p>\n

\n\n\n\n\n\n\n\n\n\n\n\n
Component<\/th>\nCVE<\/th>\nImpact<\/th>\nDescription<\/th>\nResearcher<\/th>\n<\/tr>\n<\/thead>\n
Accessibility<\/td>\nCVE-2025-43442<\/td>\nApp identifies installed apps<\/td>\nPermissions issue with added restrictions<\/td>\nZhongcheng Li (ByteDance)<\/td>\n<\/tr>\n
Apple Account<\/td>\nCVE-2025-43455<\/td>\nMalicious app screenshots sensitive info<\/td>\nPrivacy issue with improved checks<\/td>\nRon Masas, Pinak Oza<\/td>\n<\/tr>\n
Kernel<\/td>\nCVE-2025-43398<\/td>\nUnexpected system termination<\/td>\nImproved memory handling<\/td>\nCristian Dinca (icmd.tech)<\/td>\n<\/tr>\n
Assets<\/td>\nCVE-2025-43407<\/td>\nApp breaks sandbox<\/td>\nImproved entitlements<\/td>\nJZ<\/td>\n<\/tr>\n
CloudKit<\/td>\nCVE-2025-43448<\/td>\nApp breaks sandbox<\/td>\nImproved symlink validation<\/td>\nHikerell (Loadshine Lab)<\/td>\n<\/tr>\n
Contacts<\/td>\nCVE-2025-43426<\/td>\nApp accesses sensitive data<\/td>\nImproved data redaction in logging<\/td>\nWojciech Regula (SecuRing)<\/td>\n<\/tr>\n
Stolen Device Protection<\/td>\nCVE-2025-43422<\/td>\nAttacker disables protection<\/td>\nAdded logic<\/td>\nWill Caine<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

WebKit Overhaul Targets Web-Based Exploits<\/strong><\/h2>\n

WebKit, powering Safari and web views, dominates the update with fixes for crashes, memory corruption, and cross-origin data exfiltration.<\/p>\n

A use-after-free<\/a> vulnerability (CVE-2025-43438) could crash Safari via malicious content, while buffer overflows (CVE-2025-43429) risked arbitrary code execution.<\/p>\n

Apple addressed these through better memory management, bounds checking, and disabling risky optimizations like array allocation sinking (CVE-2025-43421).<\/p>\n

Privacy threats include keystroke monitoring (CVE-2025-43495) and cross-origin image theft in Canvas (CVE-2025-43392). Visiting spoofed sites could trick users (CVE-2025-43493, CVE-2025-43503), now countered with UI state improvements.<\/p>\n

\n\n\n\n\n\n\n\n\n\n
Component<\/th>\nCVE<\/th>\nImpact<\/th>\nDescription<\/th>\nResearcher<\/th>\n<\/tr>\n<\/thead>\n
WebKit<\/td>\nCVE-2025-43480<\/td>\nCross-origin data exfiltration<\/td>\nImproved checks (Bugzilla 276208)<\/td>\nAleksejs Popovs<\/td>\n<\/tr>\n
WebKit<\/td>\nCVE-2025-43438<\/td>\nSafari crash via use-after-free<\/td>\nImproved memory management (Bugzilla 297662)<\/td>\nshandikri (Trend Micro ZDI)<\/td>\n<\/tr>\n
WebKit<\/td>\nCVE-2025-43495<\/td>\nKeystroke monitoring<\/td>\nImproved checks (Bugzilla 300095)<\/td>\nLehan Dilusha Jayasinghe<\/td>\n<\/tr>\n
WebKit Canvas<\/td>\nCVE-2025-43392<\/td>\nCross-origin image exfil<\/td>\nImproved cache handling (Bugzilla 297566)<\/td>\nTom Van Goethem<\/td>\n<\/tr>\n
WebKit<\/td>\nCVE-2025-43429<\/td>\nProcess crash via buffer overflow<\/td>\nImproved bounds checking (Bugzilla 298232)<\/td>\nGoogle Big Sleep<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Other components like Camera, Siri, and Text Input received targeted patches for logic flaws and lock screen leaks (CVE-2025-43450, CVE-2025-43454, CVE-2025-43452).<\/p>\n

Experts urge immediate updates, as unpatched devices remain vulnerable to zero-day exploits. Apple\u2019s security page details all fixes, crediting researchers under its bounty program<\/a>. With iOS 26.1, users gain stronger defenses against a landscape rife with sophisticated threats.<\/p>\n

Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n

The post Apple Patches Multiple Critical Vulnerabilities in iOS 26.1 and iPadOS 26.1<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Guru Baran
\n \t

\n
<\/BR>
\nGo to cyber-security-news<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

Apple Patches Multiple Critical Vulnerabilities in iOS 26.1 and iPadOS 26.1 Apple released iOS 26.1 and iPadOS 26.1, addressing multiple vulnerabilities that could lead to privacy breaches, app crashes, and potential data leaks for iPhone and iPad users. The update targets devices starting from the iPhone 11 series and various iPad models, including the iPad […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-8166","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/8166"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=8166"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/8166\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=8166"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=8166"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=8166"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}