Apple appears to have cemented its commitment to take care of the forlorn iOS 12 version, issuing a fresh update that contains a zero-day vulnerability patch for the outdated handsets.
Heralding the announcement, cybersecurity firm Sophos said the patch was far from cosmetic, as “it fixes a hole in [iOS device web browsing tool] WebKit that sounds as though it’s already being abused by attackers for implanting malware.”
Sophos welcomed the iOS 12.5.7 update as a worthy follow-up to Apple’s announcement last August that it would patch a zero-day bug for iOS 12 that had been fixed several weeks previously for more up-to-date iOS devices.
“Updates you thought you’d never see are important to check up on, especially if you own an older ‘backup’ iPhone that you don’t use every day any more, or that you’ve passed on to a less tech-savvy member of your family,” said Sophos.
A zero-day vulnerability is an industry term for a weakness in a system’s cyber defenses that can be exploited by threat actors that security professionals have been hitherto unaware of.
Apple has assigned the update with the bug docket number CVE-2022-42856.
More from Cybernews:
Subscribe to our newsletter