macOS Vulnerability CVE-2025-43464 Patched, Could Freeze Systems

A critical vulnerability in macOS, identified as CVE-2025-43464, has been patched by Apple, addressing an issue that could cause a Mac to completely freeze after downloading a specific file. The flaw was discovered by security researcher Duy Tran, who credited Ethan Arbuckle's tool for its detection. The patch was included in the recent macOS Tahoe 26.1 security update, released on November 3, 2025.

Duy Tran publicly announced the fix via a tweet, stating, "Imagine just downloading a file and your Mac freezes completely… this has been patched in CVE-2025-43464." The researcher emphasized the severity of the bug, which could lead to a complete system denial-of-service. Apple's official security release notes for macOS Tahoe 26.1 confirm the vulnerability, describing it as an "authorization issue addressed with improved state management" and giving its impact as allowing an app to access sensitive user data.

The vulnerability specifically affected 'dyld', macOS's dynamic link editor, according to security analysis. While Apple's description focuses on sensitive data access, the practical impact observed by Tran, a complete system freeze, aligns with a denial-of-service scenario. The fix implemented by Apple involves improved checks and state management to prevent malicious files from exploiting this flaw.

This patch is part of a broader security update from Apple, which addressed over 100 vulnerabilities across its operating systems. The company routinely releases such updates to enhance user security and system stability. Users are strongly advised to update their macOS to version 26.1 to protect against this and other recently discovered security issues.