iOS 18.3.2 addresses a critical security vulnerability in WebKit, the framework used by Safari to render web pages. This vulnerability allowed maliciously crafted web content to potentially break out of the Web Content sandbox, which is a security feature designed to isolate web content from accessing local device resources[1][2][3]. The issue was identified as an out-of-bounds write problem, and Apple resolved it by implementing improved checks to prevent unauthorized actions[2][4].
This vulnerability was reportedly exploited in extremely sophisticated attacks targeting specific individuals using versions of iOS prior to iOS 17.2[4][6]. Although the primary fix for this issue was implemented in iOS 17.2, iOS 18.3.2 provides a supplementary patch to ensure comprehensive protection against this threat[6][7]. The urgency of this update is highlighted by the fact that it can be exploited remotely, unlike the vulnerability fixed in iOS 18.3.1, which required physical access to the device[3][4].
The CVE identifier for this vulnerability is not explicitly mentioned in the provided sources, but it is described as a zero-day bug, meaning it was previously unknown to Apple's engineers but may have been exploited by hackers before the patch was released[5]. The update is crucial for maintaining device security, especially since it addresses a flaw that could be exploited over the internet, potentially from anywhere in the world[3].
Citations:
[1] https://www.forbes.com/sites/kateoflahertyuk/2025/03/12/ios-1832-update-now-warning-issued-to-all-iphone-users/
[2] https://www.techradar.com/computing/software/update-your-apple-device-now-ios-18-3-2-fixes-a-flaw-exploited-by-hackers
[3] https://www.cnet.com/tech/services-and-software/download-ios-18-3-2-right-now-to-patch-this-security-issue/
[4] https://www.securityweek.com/apple-ships-ios-18-3-2-to-fix-already-exploited-webkit-flaw/
[5] https://www.deccanherald.com/technology/gadgets/apple-rolls-out-ios-1832-with-critical-software-patch-for-zero-day-bug-in-iphone-3443201
[6] https://appleinsider.com/articles/25/03/11/dont-wait-to-update-ios-1832-fixes-an-actively-exploited-issue
[7] https://9to5mac.com/2025/03/11/this-is-the-one-security-fix-added-in-ios-18-3-2-and-more/
[8] https://support.apple.com/en-us/121161
[9] https://www.macrumors.com/2025/03/11/ios-18-3-2-security-fixes/
[10] https://www.youtube.com/watch?v=8rbBzdKhKbA
[11] https://www.simplymac.com/apps/apple-releases-safari-18-3-1
[12] https://www.bitdefender.com/en-us/blog/hotforsecurity/patch-iphone-ios-18-3-2-webkit-hackers-sophisticated-attacks