Apple this week rolled out an emergency patch for older-generation devices to address a security flaw that threat actors are said to be exploiting in the wild.
Anyone using an iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3 or iPod touch (6th generation) should make iOS 12.5.7 a priority.
The update delivers no new features or operational tweaks. Rather, its sole purpose is to fix a WebKit vulnerability that lets bad actors compromise a device simply by sending the victim a tainted link.
“Processing maliciously crafted web content may lead to arbitrary code execution,” reads the advisory. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.”
The type confusion issue abused by hackers isn’t actually new. Apple addressed the flaw on new-gen hardware in December, with the release of iOS 16.2.
To update your device, visit Settings -> General -> Software Update and download and install the patch.
In the past couple of years, Apple has been busy cracking down on cyber threats targeting iDevices with zero-day, zero-click exploits like the one described above.
The company has also ramped up efforts to keep old-generation hardware protected against malware – especially spyware.
Similar patches were made available in September and October last year, in what looks like a concerted effort to cover even the oldest iPhones with timely security fixes.
Also last year, Bitdefender wrote about obsolete iDevices, warning that keeping iPhones up to date has become critical in recent years, as spyware threats increasingly find their way onto vulnerable devices – with little, or sometimes no, input from the victim.
Bitdefender recommends that Apple users migrate to the newest iOS version available for their device, or get a newer device, to receive official security support from the vendor.
Bitdefender Mobile Security offers powerful protection against all types of cyber threats with minimal impact on device performance and battery life.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 19, 2024
November 14, 2024