Security word over a beacon on a Macbook pro screen

Apple Security Update to fix malicious font crash

By Nathan Pabon on October 2, 2025

Apple released a security update that fixes an issue involving the FontParser service that could cause an app crash. 

This update was released on September 29 for the following:  

  • macOS Sonoma 14.8.1
  • macOS Sequoia 15.7.1
  • macOS 26.0.1
  • iOS 18.7.1 and iPadOS 18.7.1
  • iOS 26.0.1 and iPadOS 26.0.1
  • visionOS 26.0.1

Apple has not divulged specific details regarding the vulnerability, dubbed CVE-2025-43400, only that a “maliciously crafted font may lead to unexpected app termination or corrupt process memory”. 

This vulnerability was ultimately the result of an out-of-bounds write issue in which an attacker can write outside the bounds of an allocated area of memory to crash a program or (in some cases) execute arbitrary code. The implications of such a vulnerability can range from a minor inconvenience to a much more serious security issue depending on how the memory is affected. 

This vulnerability does not appear to be actively exploited in the wild. 

Addigy provides a seamless update process to patch these devices to the latest version to mitigate this vulnerability. Find out more details about how to apply system updates.

Nathan Pabon

Nathan Pabon

Application Security Engineer at Addigy

Similar Posts

Illustration of a critical Apple zero-day vulnerability affecting macOS and iOS devices

How IT Teams Can Stay Ahead of Apple Zero-Day Threats

Apple’s latest zero-day vulnerability, CVE-2025-24085, is a stark reminder that IT teams must act fast to keep their Apple fleets secure. This use-after-free flaw in the Core Media component has been actively exploited, putting iPhones, Macs, and iPads at risk.

Rocket taking off from text reading "macOS Sonoma."

macOS Sonoma is Here

Attention IT professionals and MSPs! The big day is finally here: macOS Sonoma is live and in the…