Apple this week rolled out security updates across its product lineup addressing dozens of security weaknesses, including a flaw that criminals have been exploiting.
This week’s updates extend to the iPhone, the iPad, all Macs running macOS versions as old as Ventura, as well as the Apple Watch, the Apple TV media center, and the Apple Vision headset.
If you’re using any of these, you have a security patch to deploy. And judging from an earlier security advisory from Google, you might want to make it a priority.
One issue addressed in this release has been known to threat actors for weeks. According to Google, an exploit existed in the wild at the time the web giant patched it in the popular Chrome web browser.
Tracked as CVE-2025-6558, the bug was described by Google as an “Incorrect validation of untrusted input in ANGLE and GPU.”
Incorrect validation of untrusted input occurs when software doesn't properly check data that comes from external sources. The error can lead to vulnerabilities that attackers can exploit to access deeper parts of the system and execute malicious code.
Google addressed the issue in its latest security update for Chrome on desktop and mobile.
Reported by Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group, the issue is now also patched in Apple products that share the open source code for rendering web content on your device’s screen.
For peace of mind, you’ll want this issue patched on your iDevice even if you don’t use Chrome.
“This is a vulnerability in open source code and Apple Software is among the affected projects,” according to the advisory issued this week from Cupertino, California.
As of today, Apple users will want the following software versions installed:
· iOS 18.6 and iPadOS 18.6 – iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
· iPadOS 17.7.9 – iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
· macOS Sequoia 15.6 – all Macs running macOS Sequoia
· macOS Sonoma 14.7.7 – all Macs running macOS Sonoma
· macOS Ventura 13.7.7 – all Macs running macOS Ventura
· watchOS 11.6 – Apple Watch Series 6 and later
· tvOS 18.6 – Apple TV HD and Apple TV 4K (all models)
· visionOS 2.6 – Apple Vision Pro
· Safari 18.6 – your Safari browser on macOS Ventura and/or macOS Sonoma
According to the NIST National Vulnerability Database entry for this vulnerability, “Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.”
Unpatched vulnerabilities in Chrome, the world’s most-used web browser, have been leveraged to conduct spyware attacks. And so have flaws in iOS itself. Spyware operators – often working for an authoritarian regime – have become notorious for targeting activists, dissidents, political rivals, human rights advocates, investigative journalists, and other high-profile individuals.
Read: Graphite Spyware Was Used to Infect iPhones of European Journalists, Researchers Confirm
Make sure you periodically check for the latest security patch from your vendor – even if you’re not a high-risk figure. You never know when you might trip a wire and become a target for eager exploiters.
For peace of mind, run a security solution on all your personal devices. On iOS and macOS, keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might be targeting you.
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.