Apple just patched this 'actively exploited' flaw in older iPhones and iPads - ZDNet

Image: Apple

Apple has erstwhile again released a spot for a apt captious flaw affecting the iPhone 5s, iPhone 6, and older iPads -- models for which it seldom provides security.    

Along with patches successful iOS 16.3 and macOS Ventura this week, Apple released a uncommon spot successful the iOS 12.5.7 update to support iOS devices that couldn't upgrade to iOS 15 erstwhile it was released successful September 2021. These see the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod interaction (6th generation).

The update addresses a bug that tin beryllium exploited remotely to summation arbitrary codification execution connected an affected iPhone oregon iPad conscionable by starring a victim's browser to a maliciously crafted web leafage oregon web content. 

"Apple is alert of a study that this contented whitethorn person been actively exploited against versions of iOS released earlier iOS 15.1," it said successful merchandise notes concerning the bug, which is tracked arsenic CVE-2022-42856. 

Also: What is Security Keys for Apple ID and wherefore does it matter?

It was reported by Clément Lecigne of Google's Threat Analysis Group, the radical that tracks state-sponsored and different precocious menace activity. 

Apple patched the aforesaid flaw in iOS 16.1.2 on November 30, and past in macOS Ventura 13.1 and iOS 16.2 successful mid-December. 

It's not the archetypal clip successful caller representation that Apple has backported patches for versions of iOS it doesn't regularly patch. Apple released iOS 12.5.6 astatine the extremity of August, precisely a twelvemonth aft iOS 15's release, to code different distant codification execution flaw (CVE-2022-32894) that was besides being actively exploited astatine the time.