Apple just patched this ‘actively exploited’ flaw in older iPhones and iPads

A young man in a yellow sweatshirt using an iPad Mini outside.

Image: Apple

Apple has once again released a patch for a likely critical flaw affecting the iPhone 5s, iPhone 6, and older iPads — models for which it rarely provides security.    

Along with patches in iOS 16.3 and macOS Ventura this week, Apple released a rare patch in the iOS 12.5.7 update to protect iOS devices that couldn’t upgrade to iOS 15 when it was released in September 2021. These include the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).

The update addresses a bug that can be exploited remotely to gain arbitrary code execution on an affected iPhone or iPad just by leading a victim’s browser to a maliciously crafted web page or web content. 

“Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1,” it said in release notes concerning the bug, which is tracked as CVE-2022-42856. 

Also: What is Security Keys for Apple ID and why does it matter?

It was reported by Clément Lecigne of Google’s Threat Analysis Group, the group that tracks state-sponsored and other advanced threat activity. 

Apple patched the same flaw in iOS 16.1.2 on November 30, and then in macOS Ventura 13.1 and iOS 16.2 in mid-December. 

It’s not the first time in recent memory that Apple has backported patches for versions of iOS it doesn’t regularly patch. Apple released iOS 12.5.6 at the end of August, exactly a year after iOS 15’s release, to address another remote code execution flaw (CVE-2022-32894) that was also being actively exploited at the time.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
Leave a comment