Apple has pushed an emergency update to millions of older iPads and iPhones worldwide. iOS 12.5.6 is the first update to iOS 12 in almost a year and patches a critical security flaw, which Apple admits is being “actively exploited” by hackers.
The release is available for the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) — all devices which cannot receive iOS 13 and newer.
On its official security page, Apple confirms that the vulnerability (CVE-2022-32893) was discovered by an anonymous researcher and could be exploited to execute malicious code on devices.
For eagle-eyed readers, the CVE (Common Vulnerabilities and Exposures) number may look familiar, and that is because it’s the same vulnerability Apple recently patched for newer iPhones and iPads with iOS 15.6.1 / iPadOS 15.6.1 and Macs with macOS 12.5.1. The flaw is rooted in WebKit, the engine behind Apple’s Safari web browser.
Apple’s developer site states that only 4% of actively used iPhones and 10% of actively used iPads are still running a version of iOS/iPadOS 14. That said, with Apple confirming it has over 1.8BN active devices, that still equates to 10s of millions of older iPhones and iPads.
Apple deserves great credit for its ongoing security support. While companies have to draw a line somewhere, the iPhone 5S is now eight years old, and the longest security support offered by Google and Samsung is five years.
No, you probably aren’t using an iPhone 5S or an iPad 3 as your primary device anymore, but they can live on as kids’ phones, baby monitors and more. All of which allows Apple to continue successfully selling the message that you get what you pay for.
Follow Gordon on Facebook
More On Forbes