Apple releases critical security updates to patch Chrome zero-day vulnerability
CVE-2025-6558
enable remote hackers to execute an arbitrary code via crafted HTML pages enabling them to bypass browser's security sandbox. As reported by Bleeping Computers, the vulnerability stems from an insufficient validation of untrusted input within the ANGLE (Almost Native Graphics Layer Engine) and GPU components, which are shared open-source graphics abstraction layers.
Google's Threat Analysis Group (TAG) discovered the flaw in June and reported it to the Chrome team, who patched it on July 15, confirming active exploitation in the wild.
While the primary exploitation observed has been against Chrome users, Apple confirmed that its software was also affected due to the shared code. For Safari users, the vulnerability could lead to unexpected browser crashes when processing malicious web content.
Devices receiving the patch:
by Taboola
by Taboola
Sponsored Links
Sponsored Links
Promoted Links
Promoted Links
You May Like
15 Most Beautiful Women Ever
Paperela
Undo
iOS 18.6 and iPadOS 18.6: iPhone XS and newer, iPad Pro and other recent models
macOS Sequoia 15.6: All Macs running the latest OS
tvOS 18.6, visionOS 2.6, and watchOS 11.6: Covering Apple TV, Vision Pro, and Apple Watch Series 6 onward
iPadOS 17.7.9: Older iPad Pro and iPad 6th generation models
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also added CVE-2025-6558 to its catalog of known exploited vulnerabilities, urging federal agencies and all network defenders to prioritise patching their systems immediately.
AI Masterclass for Students. Upskill Young Ones Today!– Join Now
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Mint
an hour ago
- Mint
iPhone 17, Air, Pro and Pro Max: Launch timeline and specs leak ahead of Apple event
Apple's next flagship smartphone line-up, the iPhone 17 series, is expected to be officially unveiled on 9 September, according to a report by German The report, citing local mobile phone providers, claims that Apple will hold its next major launch event in line with its usual September timeline, a pattern the company has followed for several years. The iPhone 17 series is expected to include four models: the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max. If the leaked schedule holds, pre-orders may open on 12 September, with deliveries and in-store sales likely to commence on 19 September. While Apple has not officially confirmed the date, the timing corresponds with earlier reports, including insights from Bloomberg's Mark Gurman, who had previously suggested that the event could fall between 8 and 12 September. In terms of hardware, the new iPhones are expected to feature upgraded internals. The iPhone 17 and iPhone 17 Air are reported to be powered by the A19 chip, whereas the Pro models could be equipped with a higher-end A19 Pro chipset. Display sizes are also expected to vary: both the iPhone 17 and iPhone 17 Pro may feature 6.3-inch screens, the iPhone 17 Air could sport a 6.5-inch display, and the iPhone 17 Pro Max may come with a 6.9-inch screen. The iPhone 17, iPhone 17 Air, and iPhone 17 Pro are rumoured to be built with an aluminium frame, while the iPhone 17 Pro Max is tipped to continue using a titanium frame, similar to its predecessor. A modest price increase is anticipated, with all models except the base iPhone 17 expected to cost approximately $50 more than last year's iPhone 16 series, translating to an increase of roughly ₹ 4,000 in the Indian market. In addition to the iPhone launch, Apple is also likely to announce the third generation of AirPods Pro and updated Apple Watch models during the same event. As with previous launches, Apple is expected to release further details in the weeks leading up to the event.
Mint
an hour ago
- Mint
Beware Apple users! Government warns against critical risk: How to stay safe online
The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity alert regarding multiple security vulnerabilities found across a wide range of Apple products. The flaws, if exploited, could allow attackers to execute arbitrary code, bypass security mechanisms, escalate privileges, or cause denial-of-service (DoS) conditions on affected devices. This warning is part of the recently released vulnerability note CIVN-2025-0163. According to CERT-In, the vulnerabilities impact several Apple operating systems, including iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. Devices running versions older than the latest available releases are particularly at risk. The affected versions include iOS prior to 18.6, iPadOS prior to 17.7.9 and 18.6, macOS Sequoia before 15.6, macOS Sonoma before 14.7.7, macOS Ventura before 13.7.7, watchOS before 11.6, tvOS before 18.6, and visionOS before 2.6. CERT-In's advisory highlights that the risks posed by these vulnerabilities are significant. If exploited successfully, an attacker could gain unauthorised access to sensitive information, manipulate system data, disrupt services, or take complete control of the affected devices. These flaws result from a variety of technical issues, such as type confusion, integer and buffer overflows, race conditions, logic errors, improper input validation, flawed memory management, and incorrect privilege handling. Attackers can potentially exploit these by sending specially crafted requests to the targeted system. The cyber agency has assessed the overall risk as high, particularly for both individual users and organisations that depend on Apple devices for critical functions. The consequences of a successful attack could include data breaches, system downtime, and severe reputational harm. CERT-In has strongly advised users to treat this issue as a priority and take immediate steps to secure their devices. In response, Apple has released patches addressing the identified vulnerabilities. Users are urged to promptly apply these updates to ensure their systems are protected. The relevant security patches are available through Apple's official support channels and cover all impacted platforms. Users can find update details on Apple's website via dedicated links to updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. These include support documents with IDs such as 124148, 124149, 124150, 124151, 124155, 124147, 124153, and 124154. CERT-In has also encouraged users to adopt standard cyber hygiene practices. These include avoiding unverified applications, not clicking on suspicious links, regularly monitoring devices for abnormal activity, and keeping systems up to date with the latest software patches. Organisations should also ensure their IT teams are aware of the issue and implement the updates across all Apple-based endpoints without delay. This advisory comes as a reminder of the growing complexity of cyber threats targeting widely used consumer and enterprise technologies. With Apple products playing a key role in both personal and business environments, keeping them secure is critical. For further information, users can visit the official CERT-In website or Apple's support pages to access technical documentation and patch details.
Economic Times
2 hours ago
- Economic Times
Grok Imagine goes viral; over 20 million images generated in 24 hours
Agencies The new text-to-video generation application Grok Imagine, led by artificial intelligence (AI) company xAI, has witnessed a surge, with over 20 million images generated as of Tuesday, chief executive Elon Musk posted on X (formerly Twitter).A day before, over 14 million images were generated. Earlier on Tuesday, Musk announced that the Grok Imagine app is available to all X Premium users. Additionally, the app is accessible for both iOS and Android a series of tweets, Musk reposted creatives by users experimenting with the app, which is currently in an early beta phase. From recreating historical events to making posters and even animated memes, Imagine has taken over the internet. Valentine is the latest animated, voice-enabled AI companion introduced by xAI's Grok platform. He joins earlier companions like Ani, a goth anime-style avatar, and Rudy, the sarcastic red panda, as part of Grok's character-driven user took to X, describing how Grok Imagine brought the fondest memories to have praised the production quality and Grok's ability to go extravagant when it comes to creativity. Access to Grok Imagine According to Musk, users can update their X app and request access to the waitlist by navigating to the 'Grok' section in settings and selecting 'Imagine.' Grok Imagine allows users to generate videos of up to six minutes duration and still images from text prompts. In addition, it can animate static images into moving visuals with synchronised sound, offering creators a more seamless workflow without needing external tools or software. The feature is available both via the standalone Grok app and within the main X platform. According to a post by the official Grok handle, full public rollout is expected in phases beginning October 2025. Elevate your knowledge and leadership skills at a cost cheaper than your daily tea. Can Coforge's ambition to lead the IT Industry become a reality? BlackRock returns, this time with Ambani. Will it be lucky second time? Amazon is making stealthy moves in healthcare, here's why! The trader who blew the whistle on Jane Street Stock Radar: Globus Spirits breaks out from 9-month consolidation; check target & stop loss for long positions Weekly Top Picks: These stocks scored 10 on 10 on Stock Reports Plus These large-caps have 'strong buy' & 'buy' recos and an upside potential of more than 25% Stock picks of the week: 5 stocks with consistent score improvement and upside potential of up to 36% in 1 year
