Ethical Hacking News
Apple has released security updates to address a high-severity vulnerability in Google Chrome that has been exploited in zero-day attacks targeting Chrome users. The update resolves a critical flaw in the ANGLE graphics abstraction layer, allowing attackers to execute arbitrary code within the browser's GPU process.
Apple has released security updates to address a high-severity vulnerability (CVE-2025-6558) in Google Chrome users. The vulnerability allows remote attackers to execute arbitrary code within the browser's GPU process via specially crafted HTML pages. The vulnerability was reported by Google's Threat Analysis Group and patched on July 15, but is now actively exploited in zero-day attacks. Apple has also released WebKit security updates for various Apple devices and software to address the vulnerability. CISA has added the vulnerability to its catalog of vulnerabilities known to be exploited in attacks and advises federal agencies to patch their software by August 12.
Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. The vulnerability, tracked as CVE-2025-6558, is due to the incorrect validation of untrusted input in the ANGLE (Almost Native Graphics Layer Engine) open-source graphics abstraction layer. This layer processes GPU commands and translates OpenGL ES API calls to Direct3D, Metal, Vulkan, and OpenGL.
The ANGLE layer is a critical component of Google Chrome's rendering engine, responsible for rendering 2D and 3D graphics in the browser. The vulnerability in this layer enables remote attackers to execute arbitrary code within the browser's GPU process via specially crafted HTML pages. This potentially allows attackers to escape the sandbox that isolates browser processes from the underlying operating system.
The discovery of CVE-2025-6558 is attributed to Vlad Stolyarov and Clément Lecigne of Google's Threat Analysis Group (TAG), a team of security experts dedicated to defending Google customers against state-sponsored attacks. The vulnerability was reported to the Google Chrome team in June, who subsequently patched it on July 15. However, it has since been confirmed that the vulnerability is actively exploited in zero-day attacks.
Google's TAG frequently discovers zero-day flaws exploited by government-sponsored threat actors in targeted campaigns aimed at deploying spyware on devices of high-risk individuals, including dissidents, opposition politicians, and journalists. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Apple has released WebKit security updates to address the CVE-2025-6558 vulnerability for a range of Apple devices and software, including iOS 18.6 and iPadOS 18.6 for iPhone XS and later models, as well as Macs running macOS Sequoia 15.6. Additionally, tvOS 18.6 has been updated to address the vulnerability on Apple TV HD and Apple TV 4K models, while visionOS 2.6 has also received updates for Apple Vision Pro devices.
In a statement released by Apple, processing maliciously crafted web content may lead to an unexpected Safari crash due to the successful exploitation of CVE-2025-6558. The company notes that the vulnerability is in open-source code and that Apple Software is among the affected projects.
The Cybersecurity and Infrastructure Security Agency (CISA), the U.S. cyber defense agency, has also added this security bug to its catalog of vulnerabilities known to be exploited in attacks. CISA requires federal agencies to patch their software by August 12. The agency advises all network defenders to prioritize patching the CVE-2025-6558 vulnerability as soon as possible.
This is not the first time Apple has patched a zero-day flaw exploited in targeted attacks since the start of the year. In January, Apple patched a zero-day in Chrome (CVE-2025-24085), followed by another in February (CVE-2025-24200). March saw the release of a patch for a third zero-day (CVE-2025-24201), as well as updates for two more vulnerabilities in April (CVE-2025-31200 and CVE-2025-31201).
Apple's proactive approach to addressing these vulnerabilities is a testament to its commitment to protecting users from emerging threats. As the threat landscape continues to evolve, it is essential for organizations to prioritize security patching and stay informed about the latest vulnerabilities and updates.
Related Information:
https://www.ethicalhackingnews.com/articles/Apple-Patches-Security-Flaw-Exploited-in-Chrome-Zero-Day-Attacks-A-Detailed-Analysis-ehn.shtml
https://www.bleepingcomputer.com/news/security/apple-patches-security-flaw-exploited-in-chrome-zero-day-attacks/
https://nvd.nist.gov/vuln/detail/CVE-2025-6558
https://www.cvedetails.com/cve/CVE-2025-6558/
Published: Wed Jul 30 11:40:10 2025 by llama3.2 3B Q4_K_M
