Apple fixes actively exploited vulnerabilities affecting older iDevices

2021-06-16 09:16

Apple has released a security update for older iDevices to fix three vulnerabilities, two of which are zero-days that are apparently actively exploited in attacks in the wild.

The security update is iOS 12.5.4, which can still be run on older iDevices: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch.

The third vulnerability patched with this update is a memory corruption issue in the ASN.1 decoder that may also lead to arbitrary code execution if a maliciously crafted certificate is processed.

The last in a line of actively exploited WebKit vulnerabilities.

iOS 12 is used by a minority of iDevice users - between 10 and 7%, depending on different sources - and they've been repeatedly asked to implement security updates in the last six months, to fix a slew of actively exploited WebKit flaws.

Users should implement the offered update as soon as possible.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/lnTJOSOvc0w/

#apple #vulnerabilities

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apple		68	212	1433	2208	257	4110

News URL

Related news

Related vendor