Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch gadgets to tackle a critical security flaw that has been actively exploited in the wild.
The issue, tracked as CVE-2022-32893 (CVSS score: 8.8), is an out-of-bounds write issue impacting WebKit that could lead to arbitrary code execution when processing maliciously crafted web articles.
The tech huge claimed it set the bug with improved bounds checking. An nameless researcher has been credited for reporting the vulnerability.
The iOS 12.5.6 update is available for iPhone 5s, iPhone 6, iPhone 6 Moreover, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th era).
“iOS 12 is not impacted by CVE-2022-32894,” Apple pointed out in its advisory.
The most up-to-date established of patches arrived months after the iPhone maker remediated the two flaws in iOS 15.6.1, iPadOS 15.6.1, macOS 12.5.1, and Safari 15.6.1 as part of updates delivered on August 18, 2022.
“Apple is aware of a report that this issue may perhaps have been actively exploited,” it acknowledged in a boilerplate assertion, though facts concerning the mother nature of the attacks are mysterious.
Consumers of older iOS units are advised to apply the updates as shortly as feasible to mitigate potential threats.
Discovered this posting appealing? Abide by THN on Fb, Twitter and LinkedIn to read extra unique content we put up.
Some components of this post are sourced from: