Apple has released the first update to iOS 12 since September 2021.

The release, iOS 12.5.6, is supposed to patch a vulnerability identified as CVE-2022-32893. Apple says(Opens in a new window) this flaw in WebKit means that “processing maliciously crafted web content may lead to arbitrary code execution.” Now devices running iOS 12 shouldn’t be susceptible to this flaw.

Apple released patches related to CVE-2022-32893 for iOS 15, iPadOS 15, and macOS Monterey 12.5.1 on Aug. 17. (The company says another vulnerability that was publicly disclosed at the same time, CVE-2022-32894, doesn’t affect devices running iOS 12.)

The last iOS 12 update arrived on Sept. 23, 2021, and it addressed(Opens in a new window) a variety of vulnerabilities affecting CoreGraphics, Core Telephony, WebKit, and XNU. That release—and every version of iOS 12 that’s rolled out since August 2019— is exclusive to devices that can’t run iOS 13.

Recommended by Our Editors

This update is available now for the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and the sixth-generation iPod touch. Apple says it’s “aware of a report that this issue may have been actively exploited,” so owners of these devices should install this patch.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Source