Advertising
[German]Apple has released a security update for iOS to version 12.5.6 as of August 31, 2022 (thanks to Gerold for the tip). The update closes a vulnerability on older iPhone models. Here is a brief overview of these updates.
The update is listed on T213428 and closes vulnerability CVE-2022-32893 in WebKit. It is an out-of-bounds write issue that has been fixed with an improved bound-checking feature. The vulnerability allowed maliciously crafted web content to be abused by attackers to execute arbitrary code. Apple is aware of a report that this issue may have been actively exploited.
According to Apple, the update is available for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3 and iPod touch (6th generation).
Apple's support post emphasizes that iOS 12 is not vulnerable to the kernel vulnerability CVE-2022-32894 (kernel overflow). Apple had released the update to iOS 15.6.1 and iPadOS 15.6.1 for newer products (from iPhone 6s and iPad Pro) on August 17, 2022 – see HT213412.
