Apple Family December 2025 1st Security Update Advisory
Overview
Apple (https://apple.com) has released security updates that fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.
Affected Products
iPhone 11 and later
iPad Pro 12.9-inch 3rd generation and later
iPad Pro 11-inch 1st generation and later
iPad Air 3rd generation and later
iPad 8th generation and later
iPad mini 5th generation and later
iPhone XS and later
iPad Pro 13-inch
iPad 7th generation and later
macOS Tahoe
macOS Sequoia
macOS Sonoma
Apple TV HD
Apple TV 4K (all models)
Apple Watch Series 6 and later
Apple Vision Pro (all models)
Resolved Vulnerabilities
The following vulnerabilities were patched in the product-specific updates of December 12, 2025.
iOS 26.2 and iPadOS 26.2
Vulnerability in App Store functionality that could allow apps to access sensitive payment tokens (CVE-2025-46288)
Vulnerability in the AppleJPEG feature that could cause memory corruption during file handling (CVE-2025-43539)
Vulnerability in the Calling Framework feature that could allow an attacker to spoof a FaceTime sender number (CVE-2025-46287)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the FaceTime feature where the password field could be unintentionally exposed when remotely controlling a device via FaceTime (CVE-2025-43542)
Vulnerability in the Foundation feature that could allow apps to improperly access files via the spell check API (CVE-2025-43518)
Vulnerability in the Foundation feature that could cause unexpected app termination while handling malicious data (CVE-2025-43532)
Vulnerability in the Icons feature that could allow an app to identify other apps installed by the user (CVE-2025-46279)
Vulnerability in the Kernel function that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in the libarchive feature that could cause memory corruption during file handling (CVE-2025-5918)
Vulnerability in the MediaExperience function that could allow an app to access user sensitive data (CVE-2025-43475)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2025-46276)
Vulnerability in Multi-Touch feature that could allow malicious HID devices to cause an unexpected process crash (CVE-2025-43533)
Vulnerability in Photos feature that could allow viewing photos in hidden photo albums without authentication (CVE-2025-43428)
Vulnerability in Screen Time feature that could allow an app to access a user’s Safari browsing history (CVE-2025-46277)
Vulnerability in the Screen Time feature that could allow an app to access a user’s sensitive data (CVE-2025-43538)
Vulnerability in the Telephony feature that could allow an app to access user sensitive data (CVE-2025-46292)
Vulnerability in WebKit functionality that could cause an unexpected Safari crash when handling maliciously crafted web content (CVE-2025-43541)
Vulnerability in WebKit functions that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43536, CVE-2025-43535, CVE-2025-43501, CVE-2025-43531)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2025-43529)
Vulnerability in WebKit functions that could result in memory corruption when handling maliciously crafted web content (CVE-2025-14174, CVE-2025-43529)
– Apple is aware of reports that this issue may have been exploited in a highly sophisticated attack against certain users with iOS 26 or earlier.
Vulnerability in the WebKit Web Inspector feature that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43511)
iOS 18.7.3 and iPadOS 18.7.3
Vulnerability in the AppleJPEG feature that could result in memory corruption during file handling (CVE-2025-43539)
Vulnerability in the Call History feature that could allow an attacker to spoof FaceTime sender numbers (CVE-2025-46287)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the FaceTime feature where the password field could be unintentionally exposed when remotely controlling a device via FaceTime (CVE-2025-43542)
Vulnerability in the Foundation feature that could cause unexpected app termination due to malicious data handling (CVE-2025-43532)
Vulnerability in the Icons feature that could allow an app to identify other apps installed by the user (CVE-2025-46279)
Vulnerability in the Kernel function that could allow an app to escalate privileges (CVE-2025-43512)
Vulnerability in Kernel functions that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in the libarchive feature that could cause memory corruption during file handling (CVE-2025-5918)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2025-46276)
Vulnerability in the Screen Time feature that could allow an app to access user sensitive data (CVE-2025-43538)
Vulnerability in the Settings feature that could allow an app to access user sensitive data (CVE-2025-43530)
Vulnerability in the Telephony feature that could allow an app to access user sensitive data (CVE-2025-46292)
Vulnerabilities in the WebKit feature that could cause unexpected process crashes when handling maliciously crafted web content (CVE-2025-43535, CVE-2025-43501, CVE-2025-43536, CVE-2025-43531)
Vulnerability in WebKit functions that could cause an unexpected Safari crash when handling maliciously crafted web content (CVE-2025-43541)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2025-43529)
Vulnerabilities in WebKit functions that could lead to memory corruption when handling maliciously crafted web content (CVE-2025-14174, CVE-2025-43529)
– Apple is aware of reports that this issue may have been exploited in a very sophisticated attack against certain users with iOS 26 or earlier.
macOS Tahoe 26.2
Vulnerability in App Store functionality that could allow apps to access sensitive payment tokens (CVE-2025-46288)
Vulnerability in the AppleJPEG feature that could allow memory corruption during file handling (CVE-2025-43539)
Vulnerabilities in the AppleMobileFileIntegrity feature that could allow apps to access user sensitive data (CVE-2025-43523, CVE-2025-43519, CVE-2025-43522, CVE-2025-43521)
Vulnerability in the AppSandbox feature that could allow an app to access protected user data (CVE-2025-46289)
Vulnerability in the Audio feature that could allow an app to cause a denial of service attack (CVE-2025-43482)
Vulnerability in the Call History feature that could allow an app to access protected user data (CVE-2025-43517)
Vulnerability in the Calling Framework feature that could allow an attacker to forge FaceTime sender numbers (CVE-2025-46287)
Vulnerability in the CoreServices feature that could allow an app to access user sensitive data (CVE-2025-46283)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the FaceTime feature where the password field could be unintentionally exposed when remotely controlling a device via FaceTime (CVE-2025-43542)
Vulnerability in the File Bookmark feature that could allow an app to escape the sandbox (CVE-2025-46281)
Vulnerability in the Foundation feature that could allow an app to improperly access files via the Spell Check API (CVE-2025-43518)
Vulnerability in the Foundation feature that could cause unexpected app termination while handling malicious data (CVE-2025-43532)
Vulnerability in the Game Center feature that could allow an app to access protected user data (CVE-2025-46278)
Vulnerability in the Icons feature that could allow an app to identify other apps installed by the user (CVE-2025-46279)
Vulnerability in the Kernel function that could allow an app to escalate privileges (CVE-2025-43512)
Vulnerability in Kernel functions that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in the LaunchServices function that could allow Gatekeeper checks to be bypassed (CVE-2025-46291)
Vulnerability in the libarchive feature that could cause memory corruption during file handling (CVE-2025-5918)
Vulnerability in MDM Configuration Tools feature that could allow an app to read sensitive location information (CVE-2025-43513)
Vulnerability in the Messages feature that could allow an app to access sensitive user data (CVE-2025-46276)
Vulnerability in Multi-Touch feature that could allow malicious HID devices to cause an unexpected process crash (CVE-2025-43533)
Vulnerability in the Networking feature that could allow an app to access user sensitive data (CVE-2025-43509)
Vulnerability in the Notes feature that could allow an attacker with physical access to view deleted notes (CVE-2025-43410)
Vulnerability in Photos feature that could allow viewing photos in hidden photo albums without authentication (CVE-2025-43428)
Vulnerability in the Safari feature that could allow web content opened via a file URL to use web APIs that should be restricted when Lockdown Mode is enabled on the Mac (CVE-2025-43526)
A vulnerability in the Safari Downloads feature that could allow downloads to be misattributed to the wrong source (CVE-2024-8906)
Vulnerability in the Screen Time feature that could allow an app to access a user’s Safari browsing history (CVE-2025-46277)
Vulnerability in the Screen Time feature that could allow an app to access a user’s sensitive data (CVE-2025-43538)
Vulnerability in the Siri feature that could allow an app to access protected user data (CVE-2025-43514)
Vulnerability in the SoftwareUpdate feature that could allow an app to access user sensitive data (CVE-2025-43519)
Vulnerability in the StorageKit function that could allow an app to gain root privileges (CVE-2025-43527)
Vulnerability in the sudo function that could allow an app to access protected user data (CVE-2025-43416)
Vulnerability in the Voice Control feature that could allow a user with voice control enabled to transcribe other users’ activities (CVE-2025-43516)
Vulnerability in the VoiceOver feature that could allow an app to access a user’s sensitive data (CVE-2025-43530)
Vulnerability in WebKit functionality that could allow an app to access user sensitive data (CVE-2025-46282)
Vulnerability in WebKit functionality that could cause an unexpected Safari crash when handling maliciously crafted web content (CVE-2025-43541)
Vulnerability in WebKit functions that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43536, CVE-2025-43535, CVE-2025-43501, CVE-2025-43531)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2025-43529)
Vulnerability in WebKit functions that could result in memory corruption when handling maliciously crafted web content (CVE-2025-14174, CVE-2025-43529)
– Apple is aware of reports that this issue may have been exploited in a highly sophisticated attack against certain users with iOS 26 or earlier.
Vulnerability in the WebKit Web Inspector feature that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43511)
macOS Sequoia 15.7.3
Vulnerability in the AppleJPEG feature that could cause memory corruption during file handling (CVE-2025-43539)
Vulnerability in the AppleMobileFileIntegrity feature that could allow privilege escalation (CVE-2025-43320)
Vulnerabilities in the AppleMobileFileIntegrity feature that could allow apps to access user sensitive data (CVE-2025-43522, CVE-2025-43521, CVE-2025-43519, CVE-2025-43523)
Vulnerability in the AppSandbox feature that could allow an app to access protected user data (CVE-2025-46289)
Vulnerability in the Audio feature that could allow an app to cause a denial of service attack (CVE-2025-43482)
Vulnerability in the Call History feature that could allow an app to access protected user data (CVE-2025-43517)
Vulnerability in the Call History feature that could allow an attacker to forge FaceTime sender numbers (CVE-2025-46287)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the FaceTime feature where the password field could be unintentionally exposed when remotely controlling a device via FaceTime (CVE-2025-43542)
Vulnerability in the Foundation feature that could allow apps to improperly access files via the spell check API (CVE-2025-43518)
Vulnerability in the Foundation feature that could cause unexpected app termination while handling malicious data (CVE-2025-43532)
Vulnerability in Kernel functions that could allow an app to escalate privileges (CVE-2025-43512)
Vulnerability in Kernel functions that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in the libarchive feature that could cause memory corruption during file handling (CVE-2025-5918)
Vulnerability in MDM Configuration Tools feature that could allow an app to read sensitive location information (CVE-2025-43513)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2025-46276)
Vulnerability in the Networking feature that could allow an app to access user sensitive data (CVE-2025-43509)
Vulnerability in the SoftwareUpdate function that could allow an app to access user sensitive data (CVE-2025-43519)
Vulnerability in the StorageKit feature that could allow an app to gain root privileges (CVE-2025-43527)
Vulnerability in StorageKit functionality that could allow an app to access user sensitive data (CVE-2025-43463)
Vulnerability in the sudo function that could allow an app to access protected user data (CVE-2025-43416)
Vulnerability in the Voice Control feature that could allow users with voice control enabled to transcribe other users’ activities (CVE-2025-43516)
Vulnerability in the VoiceOver feature that could allow an app to access sensitive user data (CVE-2025-43530)
macOS Sonoma 14.8.3
Vulnerability in the AppleJPEG feature that could allow memory corruption during file handling (CVE-2025-43539)
Vulnerability in the AppleMobileFileIntegrity feature that could allow apps to access user sensitive data (CVE-2025-43519)
Vulnerability in the AppSandbox feature that could allow an app to access protected user data (CVE-2025-46289)
Vulnerability in the Audio feature that could allow an app to cause a denial of service attack (CVE-2025-43482)
Vulnerability in the Call History feature that could allow an app to access protected user data (CVE-2025-43517)
Vulnerability in the Call History feature that could allow an attacker to forge FaceTime sender numbers (CVE-2025-46287)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the Foundation feature that could allow an app to improperly access files via the spell check API (CVE-2025-43518)
Vulnerability in the Foundation feature that could cause unexpected app termination while handling malicious data (CVE-2025-43532)
Vulnerability in Kernel functions that could allow an app to escalate privileges (CVE-2025-43512)
Vulnerability in Kernel functions that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in the libarchive feature that could cause memory corruption during file handling (CVE-2025-5918)
Vulnerability in MDM Configuration Tools feature that could allow an app to read sensitive location information (CVE-2025-43513)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2025-46276)
Vulnerability in the Networking feature that could allow an app to access user sensitive data (CVE-2025-43509)
Vulnerability in the Screen Time feature that could allow an app to access user sensitive data (CVE-2025-43538)
Vulnerability in the SoftwareUpdate feature that could allow an app to access user sensitive data (CVE-2025-43519)
Vulnerability in the StorageKit function that could allow an app to access user sensitive data (CVE-2025-43463)
Vulnerability in the sudo function that could allow an app to access protected user data (CVE-2025-43416)
Vulnerability in the Voice Control feature that could allow users with voice control enabled to transcribe other users’ activities (CVE-2025-43516)
Vulnerability in the VoiceOver feature that could allow an app to access sensitive user data (CVE-2025-43530)
tvOS 26.2
Vulnerability in the AppleJPEG feature that could allow memory corruption during file handling (CVE-2025-43539)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the Foundation feature that could cause unexpected app termination due to malicious data handling (CVE-2025-43532)
Vulnerability in the Icons feature that could allow an app to identify other apps installed by the user (CVE-2025-46279)
Vulnerability in the Kernel feature that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in Multi-Touch functionality that could allow malicious HID devices to cause an unexpected process crash (CVE-2025-43533)
Vulnerability in WebKit functionality that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43531)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2025-43529)
Vulnerabilities in WebKit functions that could lead to memory corruption when handling maliciously crafted web content (CVE-2025-14174, CVE-2025-43529)
– Apple is aware of reports that this issue may have been exploited in a very sophisticated attack against certain users with iOS 26 or earlier.
watchOS 26.2
Vulnerability in App Store functionality that could allow apps to access sensitive payment tokens (CVE-2025-46288)
Vulnerability in the AppleJPEG feature that could allow memory corruption during file handling (CVE-2025-43539)
Vulnerability in the Calling Framework feature that could allow an attacker to spoof FaceTime sender numbers (CVE-2025-46287)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the Foundation feature that could allow an app to improperly access files via the spell check API (CVE-2025-43518)
Vulnerability in the Foundation feature that could cause unexpected app termination while handling malicious data (CVE-2025-43532)
Vulnerability in the Icons feature that could allow an app to identify other apps installed by the user (CVE-2025-46279)
Vulnerability in the Kernel feature that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2025-46276)
Vulnerability in Multi-Touch feature that could allow a malicious HID device to cause an unexpected process crash (CVE-2025-43533)
Vulnerability in the Screen Time feature that could allow an app to access a user’s Safari browsing history (CVE-2025-46277)
Vulnerability in the Screen Time feature that could allow an app to access a user’s sensitive data (CVE-2025-43538)
Vulnerability in the WebKit feature that could lead to an unexpected process crash when handling maliciously crafted web content (CVE-2025-43531)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2025-43529)
Vulnerabilities in WebKit functions that could lead to memory corruption when handling maliciously crafted web content (CVE-2025-14174, CVE-2025-43529)
– Apple is aware of reports that this issue may have been exploited in a highly sophisticated attack against certain users with iOS 26 or earlier.
Vulnerability in the WebKit Web Inspector feature that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43511)
visionOS 26.2
Vulnerability in App Store functionality that could allow apps to access sensitive payment tokens (CVE-2025-46288)
Vulnerability in AppleJPEG functionality that could allow memory corruption during file handling (CVE-2025-43539)
Vulnerability in the Calling Framework feature that could allow an attacker to spoof a FaceTime sender number (CVE-2025-46287)
Vulnerabilities in the curl feature (CVE-2024-7264, CVE-2025-9086)
Vulnerability in the FaceTime feature where the password field could be unintentionally exposed when remotely controlling a device via FaceTime (CVE-2025-43542)
Vulnerability in the Foundation feature that could cause unexpected app termination due to malicious data handling (CVE-2025-43532)
Vulnerability in the Icons feature that could allow an app to identify other apps installed by the user (CVE-2025-46279)
Vulnerability in the Kernel feature that could allow an app to gain root privileges (CVE-2025-46285)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2025-46276)
Vulnerability in Multi-Touch feature that could allow malicious HID devices to cause an unexpected process crash (CVE-2025-43533)
Vulnerability in Photos feature that could allow viewing photos in hidden photo albums without authentication (CVE-2025-43428)
Vulnerability in the Screen Time feature that could allow an app to access user sensitive data (CVE-2025-43538)
Vulnerability in WebKit functionality that could cause an unexpected Safari crash when handling maliciously crafted web content (CVE-2025-43541)
Vulnerability in WebKit functions that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43535, CVE-2025-43501, CVE-2025-43531)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2025-43529)
Vulnerability in WebKit functions that could result in memory corruption when handling maliciously crafted web content (CVE-2025-14174, CVE-2025-43529)
– Apple is aware of reports that this issue may have been exploited in a highly sophisticated attack against certain users with iOS 26 or earlier.
Vulnerability in the WebKit Web Inspector feature that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43511)
Safari 26.2
Vulnerability in the Safari feature that could allow web content opened via a file URL to use web APIs that should be restricted when Lockdown Mode is enabled on the Mac (CVE-2025-43526)
A vulnerability in the Safari Downloads feature that could allow download sources to be incorrectly linked (CVE-2024-8906)
Vulnerability in WebKit functionality that could allow an app to access user sensitive data (CVE-2025-46282)
Vulnerability in WebKit functionality that could cause an unexpected Safari crash when handling maliciously crafted web content (CVE-2025-43541)
Vulnerability in WebKit functions that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43536, CVE-2025-43535, CVE-2025-43501, CVE-2025-43531)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2025-43529)
Vulnerability in WebKit functions that could result in memory corruption when handling maliciously crafted web content (CVE-2025-14174, CVE-2025-43529)
– Apple is aware of reports that this issue may have been exploited in a highly sophisticated attack against certain users with iOS 26 or earlier.
Vulnerability in the WebKit Web Inspector feature that could cause an unexpected process crash when handling maliciously crafted web content (CVE-2025-43511)
Referenced Sites
Security Bulletins and Advisories
https://support.apple.com/en-us/HT201222
iOS 26.2 and iPadOS 26.2
https://support.apple.com/en-us/125884
iOS 18.7.3 and iPadOS 18.7.3
https://support.apple.com/en-us/125885
macOS Tahoe 26.2
https://support.apple.com/en-us/125886
macOS Sequoia 15.7.3
https://support.apple.com/en-us/125887
macOS Sonoma 14.8.3
https://support.apple.com/en-us/125888
tvOS 26.2
https://support.apple.com/en-us/125889
watchOS 26.2
https://support.apple.com/en-us/125890
visionOS 26.2
https://support.apple.com/en-us/125891
Safari 26.2