Apple launched essential safety updates for macOS Sequoia 15.5 on Might 12, 2025, addressing over 40 vulnerabilities throughout system elements starting from kernel-level reminiscence corruption dangers to app sandbox escapes.
The patches goal flaws that would enable attackers to entry delicate person information, set off system crashes, or execute arbitrary code.
Researchers from tutorial establishments and cybersecurity firms-including MIT CSAIL, Pattern Micro Zero Day Initiative, and Google Undertaking Zero-identified nearly all of these points.
A number of vulnerabilities enabled unauthorized entry to delicate information via macOS’s foundational companies.
The TCC framework, which manages app permissions for sources like location and contacts, contained an info disclosure flaw (CVE-2025-31250) that uncovered person privateness preferences.
In the meantime, the CoreGraphics subsystem had an out-of-bounds learn vulnerability (CVE-2025-31209) permitting attackers to extract protected graphical information throughout file parsing.
The Notes app posed dangers on account of a cache-handling oversight (CVE-2025-31256), which inadvertently revealed deleted notes via the recent nook function.
Equally, StoreKit logged unredacted person information (CVE-2025-31242), doubtlessly leaking buy histories and subscription particulars.
Apple’s Climate app additionally contained a location privateness flaw (CVE-2025-31220) that allowed malicious apps to bypass geolocation restrictions.
Researchers highlighted systemic dangers in AppleJPEG (CVE-2025-31251) and CoreMedia (CVE-2025-31233), the place crafted media information may corrupt course of reminiscence and expose person info.
These vulnerabilities underscore the challenges of securing advanced multimedia processing pipelines.
System Integrity by way of Reminiscence Exploits
Kernel-level vulnerabilities dominated high-severity fixes. A double-free flaw in Audio subsystems (CVE-2025-31235) permitted apps to set off system crashes, whereas the AFP file-sharing protocol had two essential weaknesses:
CVE-2025-31246 allowed malicious servers to deprave kernel reminiscence, and CVE-2025-31240 let attackers crash methods by way of malformed community shares.
The WebKit engine confronted seven distinct reminiscence corruption flaws, together with CVE-2025-24213, a kind confusion vulnerability exploitable via malicious internet content material.
Google’s V8 workforce found this might bypass Safari’s safety checks.
Within the Kernel, CVE-2025-31219 enabled attackers to deprave reminiscence by way of race situations, doubtlessly resulting in root privileges.
Apple additionally patched libexpat (CVE-2024-8176), an open-source XML parser, which had third-party-reported dangers of arbitrary code execution.
These fixes required rebuilding low-level networking and file-handling elements to forestall cascading failures.
Sandbox Escapes and Privateness Bypasses
Apple’s app sandbox-designed to isolate untrusted processes-had a number of containment failures.
The quarantine system (CVE-2025-31244) allowed malicious apps to bypass obtain restrictions, whereas RemoteViewServices (CVE-2025-31258) let attackers escape sandboxes solely by exploiting service IPC mechanisms.
In NetworkExtension, CVE-2025-31218 uncovered community connection hostnames, aiding attackers in reconnaissance.
The Sandbox subsystem itself had two flaws: CVE-2025-31249 allowed unauthorized file entry, and CVE-2025-31224 let apps bypass privateness preferences by manipulating state checks.
Notably, Cell Machine Service (CVE-2025-24274) had an enter validation hole allowing root privilege escalation, and SoftwareUpdate (CVE-2025-31259) allowed native customers to realize admin rights by way of improper sanitization.
Apple’s coordinated patch rollout highlights the escalating complexity of securing fashionable working methods in opposition to each focused exploits and opportunistic assaults.
Enterprises and particular person customers should prioritize rapid updates, as unpatched methods stay susceptible to information exfiltration and ransomware assaults.
The breadth of fixes-spanning 28 subsystems and involving 47 researchers-reflects macOS’s evolving menace panorama.
Future updates could require deeper integration of machine learning-based anomaly detection to preemptively flag zero-day exploitation patterns.
Discover this Information Attention-grabbing! Observe us on Google Information, LinkedIn, & X to Get Instantaneous Updates!
