iOS 18.7.2, released on November 5, 2025, is a security-focused update with no new user-facing features.
Key Security Fixes
The update addresses 31 vulnerabilities (tracked via CVEs), primarily related to memory corruption, privacy leaks, denial-of-service issues, and unauthorized data access. Here’s a breakdown by major affected components:
• WebKit (Safari’s rendering engine): 12 fixes, including use-after-free issues that could lead to crashes or memory corruption when processing malicious web content, and protections against cross-origin data exfiltration.
• Model I/O (3D graphics processing): 6 fixes for out-of-bounds access and reads that could cause app crashes or memory corruption from malicious media files.
• Safari: 2 fixes for address bar spoofing and UI spoofing on malicious sites.
• Kernel: 1 fix to prevent unexpected system terminations.
• Accessibility, App Store/Installer, Audio, Camera, CloudKit, CoreText, Find My, Mail, MetricKit, Notes, On-device Intelligence, Shortcuts, Siri, and Spotlight: Various privacy, permissions, and logging issues that could allow apps to fingerprint users, access sensitive data, or bypass restrictions.
For the full list of CVEs, impacts, and credits to researchers, see Apple’s official security content page. If you’re experiencing issues like battery drain after updating (as reported by some users), check Settings > Battery for diagnostics or contact Apple Support.