Apple devices face trouble due to font bug, update helps

Manipulated fonts can cause iPhones, iPads and Macs to crash and possibly be misused. An update helps.


Apple users should promptly install a security update to protect themselves against crashes and/or corrupted memory. Corrupted memory can be a springboard for further attacks. iPhones, iPads and various Apple computers are affected. The BürgerCERT of the German Federal Office for Information Security is therefore urging users to update. The agency warns of possible denial-of-service attacks, in this case in the form of repeated crashes.

According to Apple, the following operating systems are affected:

  • Apple iOS before 18.7.1
  • Apple iOS before 26.0.1
  • Apple iPadOS before 18.7.1
  • Apple iPadOS before 26.0.1
  • Apple macOS Sequoia before 15.7.1
  • Apple macOS Sonoma before 14.8.1
  • Apple macOS Tahoe before 15.7.1

The bug fixed by the updates is in the font parser, the routine that processes fonts so that they are displayed correctly. Manipulated fonts can cause the font parser to write to memory areas it is not authorized to write to.

Attackers could exploit the “vulnerability to crash the device or damage the process memory. This could enable other, unspecified attacks,” BürgerCERT states. For successful exploitation, it is sufficient to open a malicious application or a malicious document. This is because fonts are often embedded in websites, documents, or applications, or are downloaded later.


The bug is registered as CVE-2025-43400. CVE stands for Common Vulnerabilities and Exposures and has been used internationally for more than 25 years to document security vulnerabilities. Each known vulnerability can be assigned its own unique number.

(ds)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.