Security word over a beacon on a Macbook pro screen

Apple Security Update to fix malicious font crash

By Nathan Pabon on October 2, 2025

Apple released a security update that fixes an issue involving the FontParser service that could cause an app crash. 

This update was released on September 29 for the following:  

  • macOS Sonoma 14.8.1
  • macOS Sequoia 15.7.1
  • macOS 26.0.1
  • iOS 18.7.1 and iPadOS 18.7.1
  • iOS 26.0.1 and iPadOS 26.0.1
  • visionOS 26.0.1

Apple has not divulged specific details regarding the vulnerability, dubbed CVE-2025-43400, only that a “maliciously crafted font may lead to unexpected app termination or corrupt process memory”. 

This vulnerability was ultimately the result of an out-of-bounds write issue in which an attacker can write outside the bounds of an allocated area of memory to crash a program or (in some cases) execute arbitrary code. The implications of such a vulnerability can range from a minor inconvenience to a much more serious security issue depending on how the memory is affected. 

This vulnerability does not appear to be actively exploited in the wild. 

Addigy provides a seamless update process to patch these devices to the latest version to mitigate this vulnerability. Find out more details about how to apply system updates.

Nathan Pabon

Nathan Pabon

Application Security Engineer at Addigy

Similar Posts

Rocket taking off from text reading "macOS Sonoma."

macOS Sonoma is Here

Attention IT professionals and MSPs! The big day is finally here: macOS Sonoma is live and in the…

Illustration of a user with an Apple device

Randomized MAC Addresses: What IT Admins Need to Know

Randomized MAC addresses enhance privacy on Apple devices but pose challenges for IT teams managing secure networks. As these devices join corporate systems, understanding the impact on authentication, tracking, and access control is crucial. This guide covers what MAC randomization is, how to manage it, and how to address enterprise-level issues it may cause.