iOS 18.7.7, macOS 15.7.5 updates fix kernel memory leaks & WebKit flaws

Apple pushed out a coordinated round of security updates on March 24, covering older versions of iOS, iPadOS, and macOS that are still widely used and still need protecting.

The updates include iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5. They close a long list of vulnerabilities across core parts of the system, from networking to the kernel.

On iPhone and iPad, the fixes cut across everything from low-level system components to user-facing frameworks. Some bugs could let an app access sensitive user data, while others could crash processes or expose internal system state.

Apple patched issues that could leak kernel memory, expose system state, or allow writes to protected memory through use-after-free bugs. These are the kinds of primitives attackers rely on to build full exploits, so fixing the kernel is crucial.

WebKit is gaining attention due to Apple's recent fixes. These updates address vulnerabilities that could bypass same-origin protections, enable cross-site scripting, or leak DNS queries despite Private Relay being enabled.

Networking fixes that are easier to overlook but still crucial exist. A flaw in 802.1X could allow an attacker on the same network to intercept traffic, a scenario common in enterprise or public Wi-Fi environments.

macOS Sequoia 15.7.5 and Sonoma 14.8.5 bring similar fixes

On the Mac side, the updates follow a similar pattern but reach further into system services and frameworks. Apple fixed issues in file systems, networking, printing, and sandboxing.

Some of the more serious bugs go beyond data exposure. Apple fixed issues that could let apps write arbitrary files, gain root privileges, or break out of the sandbox.

Kernel bugs carry the most weight here as well. Apple fixed flaws that could expose kernel memory, reveal memory layout, or allow changes to protected parts of the system.