Apple just updated iOS 12 to patch a critical security flaw

If you own an iPhone 6, iPad mini 2, or some other older Apple device, you’re unfortunately shut out from the latest iOS 16.3 update that arrived this week. But there’s still an update waiting for you to install in Settings.

Apple pushes important security updates to older phones from time to time (the last was in August 2022) and this is one of those times. The iOS 12.5.7 update contains just a single patch that fixes a zero-day WebKit vulnerability that could allow a hacker to execute arbitrary code on your Mac:

WebKit

  • Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
  • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.
  • Description: A type confusion issue was addressed with improved state handling.
  • CVE-2022-42856: Clément Lecigne of Google’s Threat Analysis Group

The security update was pushed to newer devices in iOS 16.1.2 on November 30 and iOS 15.7.2 on December 13. It’s not clear why Apple waited nearly eight weeks to deliver it to iOS 12 devices.

To install the update, head over to the Settings app, then General and Software Update. Tap Download and Install and follow the prompts.

Source : Macworld