Apple fixes critical font processing bug. Update now! www.malwarebytes.com/blog/news…

Apple has released important security updates to address a critical vulnerability in FontParser—the part of macOS/iOS/iPadOS that processes fonts.

Identified as CVE-2025-43400, the flaw was discovered internally by Apple and allows an attacker to craft a malicious font that can cause apps to crash or corrupt process memory, potentially leading to arbitrary code execution.

While Apple hasn’t said it’s being actively exploited, similar bugs have been used in jailbreaks and spyware attacks in the past, so it’s smart to patch it promptly.

The vulnerability tracked as CVE-2025-43400 was described as an out-of-bounds write issue in FontParser: processing a maliciously crafted font could lead to unexpected app termination or corrupt process memory.

Edward Kiledjian @ekiledjian