Older iPhones, iPod touch, and iPads have been given security updates to fix an actively exploited critical out-of-bounds write issue in WebKit, tracked as CVE-2022-32893, which could be exploited by threat actors to facilitate the execution of arbitrary code, The Hacker News reports.
Improved bounds checking has been leveraged to fix the vulnerability in the iOS 12.5.6 update for iPhone 5s, iPhone 6, iPhone 6 Plus, iPod touch (6th generation), iPad Air, iPad mini 2, and iPad mini 3, according to Apple, which noted that the flaw, tracked as CVE-2022-32894, is not affecting iOS 12.
Both vulnerabilities have been addressed by Apple in iOS 15.6.1, iPadOS 15.6.1, macOS 12.5.1, and Safari 15.6.1 weeks ago.
"Apple is aware of a report that this issue may have been actively exploited," said Apple. Users of older Apple devices have been advised to immediately apply the update to prevent risk of future attacks.
Endpoint/Device Security, Application security
Older Apple devices receive update to fix actively exploited bug
An In-Depth Guide to Application Security
Get essential knowledge and practical strategies to fortify your applications.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds