Apple has released a new security patch that fixes a bug that could be exploited remotely by cybercriminals that affected phone models with versions prior to iOS 15, such as iPhone 5 and 6.
The manufacturer has rolled out a new version of its operating system for all iOS devices that could not be updated to iOS 15 when it was released, in September 2021.
The patch fixes a bug in Webkit that could be exploited remotely to execute arbitrary code on an affected device, via the content of a malicious web page. In this way, threat actors could perform different actions, such as executing commands or downloading ‘malware’ on compromised systems.
The vulnerability, registered as CVE-2022-42856, was discovered by Google’s Threat Analysis Group researcher Clément Lecigne. Apple has acknowledged being aware that cybercriminals could have exploited this vulnerability on devices with versions of iOS released before iOS 15.1.
Thus, it has indicated that this iOS 12.5.7 update is available for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3 and iPod touch 6th generation.