Every iPhone User Is at Risk—Update Now to Fix a Critical Flaw
While software updates help your iPhone get the latest security patches, it’s not unusual for apps installed on your device to sometimes put your device at risk. This is the case with a recent web browser flaw that was only patched in the latest iOS update. Here’s what you need to do to protect yourself.
Why You Should Be Concerned by This Web Browser Bug
In June, security analysts and experts identified a critical flaw in the rendering engine used by Google Chrome and other browsers, which was subsequently reported to Google. The bug, labeled CVE-2025-6558, is described as targeting users by deploying malicious web content, including HTML pages and files. Once a victim has clicked on or run this content, attackers could gain access and run arbitrary code or install spyware.
It was noted that this vulnerability has been exploited in the wild, particularly in zero-day attacks, which are often deployed by state-sponsored or organized cyber-criminal groups. These actors typically target high-risk individuals, such as politicians and journalists. However, this presents a potential security risk for regular users as well due to its high severity.
Google acknowledged the threat and issued a patch through Google Chrome version 138.0.7204.157 for the web, including its Android counterpart, on July 15. Users are strongly advised to update their browsers to the latest version.
This was followed by the Cybersecurity and Infrastructure Security Agency (CISA), a leading U.S. cybersecurity arm under the Department of Homeland Security, adding CVE-2025-6558 to its catalog of known exploits.
iPhone and iPad Users at Risk: What’s the Fix?
The same critical bug also affected Safari, as Apple confirmed that processing malicious HTML pages could cause the browser to crash. However, the situation is more concerning for Apple users because the fix for this flaw was introduced with iOS 18.6 and iOS 26 Beta, which were only recently released to eligible devices.
Because the same WebKit engine is used across all Apple platforms, this vulnerability affects not only iPhones and iPads but also Apple smartwatches, tvOS devices, and Macs. It is now highly recommended that users check their devices for updates and install the latest firmware right away.
Have you checked your Chrome or Safari to see if it is running on the latest firmware? Share with us in the comments!