Apple Closes Critical Vulnerability for Older iPhones
Apple ported patches to the long-forgotten version of iOS 12 to close the vulnerability on older iPhones, iPads and iPods. The flaw, which received the status of critical, is already being used in real cyber attacks.
The issue is being tracked as CVE-2022-32893 and has been assigned a CVSS score of 8.8. The vulnerability affects WebKit and could lead to arbitrary code execution when rendering web content.
The developers finalized the bounds check, which helped to eliminate the described gap. According to Apple, they learned about the hole in the corporation from a third-party cybersecurity researcher who wished to remain anonymous.
The released version of iOS 12.5.6 is suitable for installation on the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3 and iPod touch (sixth generation). At the same time, Apple notes that iOS 12 does not affect another vulnerability patched in August for newer devices (CVE-2022-32894).
“We are aware of the possible exploitation of the eliminated vulnerability in real cyberattacks,” the Cupertinians write.
Apple did not provide details of such attacks. All owners of old “apple” devices are advised to install iOS 12.5.6 as soon as possible.
Catch up on more articles here
Follow us on Twitter here