News

iOS 12.5.4 and iPadOS 12.5.4 Updates Provides Security Fixes for Older iPhones and iPads

Apple on Monday released iOS 12.5.4 and iPadOS 12.5.4 updates, which provide security fixes for older iPhone and iPad devices that are not compatible with iOS 14.

The iOS 12.5.4 and iPadOS 12.5.4 updates can be downloaded for free and the software can be installed on all eligible devices over the air via the Settings app. To access the new software, go to Settings -> General -> Software Update.

iOS 12.5.4 provides important security updates and is recommended for all users. Apple often releases security updates for older devices that are no longer able to run the current version of iOS. The updates keep users of older devices protected from malware and other security vulnerabilities.

Apple’s security support document says that the update addresses the following three vulnerabilities:

Security

Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)

Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution

Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.

CVE-2021-30737: xerub

WebKit

Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30761: an anonymous researcher

WebKit

Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A use after free issue was addressed with improved memory management. 

CVE-2021-30762: an anonymous researcher

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.