iOS 18.3.2 Deadline—You Have 19 Days To Update Your iPhone

The U.S. Cybersecurity and Infrastructure Security Agency has added the issue patched in iOS 18.3.2 to its known exploited vulnerabilities (KEV) catalog. The agency has given a deadline of Apr. 3 for iPhone users to comply.

iOS 18.3.2: A Critical Update to Protect Your iPhone

Apple’s iOS 18.3.2 has arrived, including an emergency patch for an iPhone vulnerability already being exploited in real-life attacks. Following the release of iOS 18.3.2, experts weighed in to highlight the importance of updating your iPhone immediately.

CISA’s Warning: Update Your iPhone by Apr. 3

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued its own warning, after adding the flaw patched in iOS 18.3.2 to its known exploited vulnerabilities (KEV) catalog. The agency has given a deadline of Apr. 3 for iPhone users to comply.

The Flaw: An Out-of-Bounds Write Vulnerability in WebKit

The CISA alert covers an out-of-bounds write vulnerability in WebKit, the engine that underpins the Safari browser, which is tracked as CVE-2025-24201.

The Impact: Multiple Apple Products and Third-Party Browsers

The flaw fixed in iOS 18.3.2 is present in multiple Apple products. "Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to break out of Web Content sandbox," CISA said.

Why You Should Heed CISA’s iOS 18.3.2 Warning

In case you don’t know already, CISA assigns due dates for patching vulnerabilities listed in its KEV catalog, and these vary depending on the specific flaw. CISA assigns due dates for federal agencies to remediate these vulnerabilities and these should also be used as a benchmark for patching by other organizations.

Conclusion

In conclusion, the U.S. Cybersecurity and Infrastructure Security Agency has added the issue patched in iOS 18.3.2 to its known exploited vulnerabilities (KEV) catalog, and has given a deadline of Apr. 3 for iPhone users to comply. It is essential to update your iPhone to iOS 18.3.2 as soon as possible to protect yourself from potential attacks.

Frequently Asked Questions

1. What is the issue patched in iOS 18.3.2?
   The issue is an out-of-bounds write vulnerability in WebKit, which is tracked as CVE-2025-24201.
2. How long do I have to update my iPhone?
   The deadline is Apr. 3.
3. What other products are affected by this issue?
   The issue affects multiple Apple products, including iOS, iPadOS, macOS, and other products that use WebKit.
4. What does CISA recommend?
   CISA recommends applying mitigations per vendor instructions, following applicable BOD 22-01 guidance for cloud services, or discontinuing use of the product if mitigations are unavailable.