Xin Lang Cai Jing·2025-12-13 02:51Core Viewpoint - Apple has released iOS 26.2, iPadOS 26.2, and macOS Tahoe 26.2, addressing a total of 25 security vulnerabilities and recommending all users to upgrade immediately [1][3]. Vulnerabilities Addressed - The most notable vulnerabilities fixed include CVE-2025-43529 and CVE-2025-14174, both WebKit vulnerabilities discovered by Google's Threat Analysis Group. Evidence suggests that hackers could exploit these vulnerabilities to launch complex targeted attacks on older iOS users. The new version improves memory management and validation mechanisms, effectively blocking the risk of "arbitrary code execution" triggered by malicious web content [2][6]. - Apple has implemented additional restrictions in the App Store to resolve a permissions issue that allowed applications to access sensitive payment tokens, identified as CVE-2025-46288. This vulnerability was discovered by ByteDance's IES Red Team members floeki and Zhongcheng Li [2][6]. - A critical kernel-level integer overflow vulnerability (CVE-2025-46285) has also been fixed, which previously allowed attackers to induce system crashes or gain root access. This vulnerability was reported by Alibaba Group's Kaitao Xie and Xiaolong Bai, and Apple engineers have eliminated this risk by introducing 64-bit timestamp technology [2][6].