The Web Content sandbox is a security feature in Apple's WebKit engine that prevents malicious web content from accessing sensitive system resources. However, due to an out-of-bounds write issue, attackers can potentially break out of the sandbox and execute arbitrary code on the device.
iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later running iOS 18.3.2 or iPadOS 18.3.2.
Check with: grep WebKit /var/log/system.log (Note: This command may not be available on all devices.)
This is a supplementary fix for an attack that was blocked in iOS 17.2, so if you're running an earlier version of iOS, you are likely not affected.
Upgrade to the latest version of iOS or iPadOS.
- Apple Support: https://support.apple.com/en-us/122281
- Apply the WebKit patch manually:
- Download the WebKit patch from the Apple Support website and follow the instructions for installation.
- Alternatively, you can use a third-party tool like WebKit-Patch to apply the patch.