Old iPhones and iPads stuck on iOS 12 get a patch for a serious security hole

Older iPhones and iPads running iOS 12.

Enlarge / Older iPhones and iPads running iOS 12.

Apple is releasing a rare security update for older iPhones and iPads stuck on iOS 12, an operating system that received its last security update nearly a year ago. The iOS 12.5.6 update patches a single "actively exploited" WebKit bug that could allow arbitrary code execution if a user encounters "maliciously crafted web content" on their device.

iOS 12.5.6 is available for all devices that can run iOS 12 but can't be updated to a newer release of iOS or iPadOS. That list includes the iPhone 5S, iPhone 6 and 6 Plus, the original iPad Air, the iPad mini 2 and iPad mini 3, and the 6th-generation iPod Touch.

This is the same "actively exploited" zero-day WebKit vulnerability that Apple patched in newer iOS and macOS versions a couple of weeks ago—not an ideal time gap for an actively exploited bug, but it was probably justified by the age and dwindling usage share of iOS 12 (as of this writing, Apple's developer site says that about 4 percent of actively used iPhones and 10 percent of actively used iPads run a version older than iOS/iPadOS 14). Apple says that iOS 12 devices aren't affected by the kernel vulnerability that was also patched by that earlier update.

Read 1 remaining paragraphs | Comments



https://ift.tt/5Fc6BUq

Comments