iOS 18.6 and macOS Sequoia 15.6 Address Chrome Zero-Day Attack

by

The iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6 updates that Apple released yesterday address a major zero-day attack that targeted Chrome users, according to Bleeping Computer.

Chrome Feature 22
Apple says that CVE-2025-6558 was a vulnerability in open source code that also affected Apple software. The flaw could allow remote attackers to execute arbitrary code using HTML pages created for that purpose, escaping Chrome's sandboxing. Google patched the issue on July 15, and said that it had been actively exploited.

In Safari, Apple said that the issue could cause unexpected crashing, but it wasn't known to have been used in attacks against Safari users.

Google hasn't offered up technical details on how the exploit worked, and the company said that additional information would be restricted until the majority of users have updated their devices. Chrome users who have not installed the latest version of Chrome should do so.

Popular Stories

iOS 26 Feature

iOS 26 Available Tomorrow With These 8 New Features

Sunday September 14, 2025 8:46 am PDT by
Following three months of beta testing, iOS 26 will be released this Monday, September 15. The update is compatible with the iPhone 11 series and newer, and it will be available to install via the Settings app, under General → Software Update. Below, we have highlighted eight new features included in iOS 26. Even more new features and changes are outlined in Apple's release notes for the...
Read Full Article81 comments
Tim Cook Rainbow

Apple Reportedly Plans to Launch These 10 Products in 'Coming Months'

Sunday September 14, 2025 8:45 am PDT by
Apple's annual September event is now in the rearview mirror, with the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, iPhone Air, Apple Watch Series 11, Apple Watch Ultra 3, Apple Watch SE 3, and AirPods Pro 3 set to launch this Friday, September 19. As always, there is more to come. In his Power On newsletter today, Bloomberg's Mark Gurman said Apple plans to release many products in the...
Read Full Article46 comments
iPhone 17 Pro Colors

Didn't Pre-Order a New iPhone Yet? Here's How Long the Wait is Now

Friday September 12, 2025 6:11 am PDT by
iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air pre-orders began at 5 a.m. Pacific Time in the U.S. and many other countries today. If you have yet to place a pre-order, you might face a longer wait now, depending on your desired configuration. As of shortly after 6 a.m. Pacific Time today, nearly all iPhone 17 Pro Max configurations on Apple's online store in the U.S. are facing ...
Read Full Article294 comments
apple n1 chip

Apple's New N1 Chip in iPhone 17, iPhone 17 Pro, and iPhone Air Has a Wi-Fi 7 Limitation

Saturday September 13, 2025 10:01 am PDT by
The latest iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air models are equipped with Apple's all-new N1 chip for Wi-Fi 7, Bluetooth 6, and Thread connectivity. However, the chip has a Wi-Fi 7 bandwidth limitation. According to FCC documents reviewed by MacRumors, the N1 chip in all of the new iPhone models supports up to 160 MHz channel bandwidth for Wi-Fi 7, short of the...
Read Full Article91 comments
airpods translate

AirPods Live Translation Blocked for EU Users With EU Apple Accounts

Thursday September 11, 2025 4:01 am PDT by
Apple's new Live Translation feature for AirPods will be off-limits to millions of European users when it arrives next week, with strict EU regulations likely holding back its rollout. Apple says on its feature availability webpage that "Apple Intelligence: Live Translation with AirPods" won't be available if both the user is physically in the EU and their Apple Account region is in the EU....
Read Full Article229 comments
iphone air all colors

iPhone Air and iPhone 17 Pro Now Facing Extended Delivery Estimates

Saturday September 13, 2025 11:43 am PDT by
iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air pre-orders began on Friday in the U.S. and many other countries. iPhone 17 Pro Max delivery estimates quickly slipped beyond the Friday, September 19 launch day for those who had yet to place an order, and now the rest of the new models have started to follow suit. As of shortly after 11:30 a.m. Pacific Time today, select iPhone 17, ...
Read Full Article83 comments
iPhone 17 Pro Colors

iPhone 17 and iPhone 17 Pro Models Are eSIM-Only in These Countries

Tuesday September 9, 2025 12:23 pm PDT by
Apple continues to phase out the physical SIM card tray on iPhones, with the latest models relying solely on eSIM technology in more countries. The new iPhone 17, iPhone 17 Pro, and iPhone 17 Pro Max support eSIMs only in these countries and regions, according to Apple: Bahrain Canada Guam Japan Kuwait Mexico Oman Qatar Saudi Arabia United Arab Emirates Un...
Read Full Article78 comments
iphone 17 lineup

iPhone 17 Models Launch on September 19 With These New Features

Friday September 12, 2025 7:58 am PDT by
Apple will launch its new iPhone 17 lineup and ultra-thin iPhone Air in stores on Friday, September 19, and the company has already shown off the new devices at its fall event, which ran with the the tagline "Awe dropping." The iPhone 17 series brings a host of new features and enhancements. Here's a rundown of the biggest upgrades and changes: iPhone 17 Display Changes The iPhone...
Read Full Article17 comments
iPhone 17 Air Battery

Apple Reveals iPhone Air Battery Replacement and Repair Fees

Friday September 12, 2025 9:33 am PDT by
Apple today disclosed its out-of-warranty repair fees for all of the iPhone 17 and iPhone Air models, ahead of the devices launching next week. First and foremost, Apple's battery replacement fees did not increase for the latest iPhone models in the U.S., with Apple charging a flat $119 to replace the battery inside an iPhone 17 Pro, iPhone 17 Pro Max, or iPhone Air. This is the same fee it...
Read Full Article60 comments
iPhone 17 Pro Cosmic Orange

Skipping the iPhone 17 Pro? Here's What's Rumored for iPhone 18 Pro

Wednesday September 10, 2025 8:33 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are still a year away, there are already a few rumors about the devices that offer an early look ahead. If you are skipping the iPhone 17 Pro and want to know about what to expect from the iPhone 18 Pro models, we have recapped a few of the key rumors below. Under-Screen Face ID In April 2023, display industry analyst Ross Young shared a...
Read Full Article121 comments

Top Rated Comments

adamw Avatar
adamw
7 weeks ago

Good reason not to trust Google ever :rolleyes:
This not only applies to Google Chrome, but also appears to affect Safari (by causing a crash to it.) Here is more about this exploit:

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Tracked as CVE-2025-6558 ('https://nvd.nist.gov/vuln/detail/CVE-2025-6558'), the security bug is due to the incorrect validation of untrusted input in the ANGLE (Almost Native Graphics Layer Engine) open-source graphics abstraction layer, which processes GPU commands and translates OpenGL ES API calls to Direct3D, Metal, Vulkan, and OpenGL.

The vulnerability enables remote attackers to execute arbitrary code within the browser's GPU process via specially crafted HTML pages, potentially allowing them to escape the sandbox that isolates browser processes from the underlying operating system.
Score: 12 Votes (Like | Disagree)
ArtOfWarfare Avatar
ArtOfWarfare
7 weeks ago

Good reason not to trust Google ever :rolleyes:
This impacts all Chromium browsers, so Brave, Edge, Opera, and most other browsers not named Firefox or Safari.

The same issue causes Safari to crash, which while inconvenient, is preferable to having malicious code able to access data that it shouldn't.

What happens in Firefox?
Score: 11 Votes (Like | Disagree)
Love-hate ? relationship Avatar
Love-hate ? relationship
7 weeks ago

Good reason not to trust Google ever :rolleyes:
You know how often this has happened to safari? I'll tell you: a damn lot

And when this happens, you need a WHOLE OS update to fix it , while chrome only needs an app update most of the time (not this time around though)
Score: 7 Votes (Like | Disagree)
adamw Avatar
adamw
7 weeks ago

How is that even possible unless the person downloads a file or allows third party apps? ?
Sounds like if a Google Chrome (or Safari) user went to view any web page with the malicious code embedded, it could take over their whole system by "allowing remote users to execute arbitrary code" on their machine. Appears to affect anyone using the web browser to view an infected web site, and not only to affect downloads of files or third party apps.
Score: 6 Votes (Like | Disagree)
star-affinity Avatar
star-affinity
7 weeks ago

Good reason not to trust Google ever :rolleyes:

Well, that's not true as Safari is a separate download on Ventura and Sonoma (and every other supported macOS that's not the current one). Having to install a whole point update on the most recent macOS is a choice Apple makes.
But what is true is that security problems are continuously discovered in software from all vendors and it’s definitely not the last time it happens in code written by folks from Google nor Apple.
Score: 6 Votes (Like | Disagree)
culex Avatar
culex
7 weeks ago

Apple released yesterday address a major zero-day attack that targeted Chrome users
How can Apple fix a Chrome bug? That's right, they can't. They simply used the same buggy open source code in Webkit and patched it two weeks after Google. Pretty misleading headline.
Score: 5 Votes (Like | Disagree)
Read All Comments