iOS zero-day vulnerability patched with iOS 12.5.5 update
24th September, 2021 at 12:29 am by Sam and Yash
- Apple released iOS 12.5.5 for older devices to patch zero-day vulnerabilities.
- The update includes a critical fix for a CoreGraphics flaw.
- This vulnerability impacted a wide range of devices such as iPhone 5S, iPhone 6, iPhone 6 Plus, iPad Air, iPad Mini 2, iPad Mini 3, and the sixth-gen iPod Touch.
On Tuesday, Apple pushed out updates for older versions of iOS and MacOS. These updates were sent out to patch the zero-day vulnerabilities, which include a bug that was likely exploited in the wild by NSO group's Pegasus spyware.
On September 23, iOS 12.5.5 was released and included a fix for a CoreGraphics flaw which allowed attackers to execute arbitrary code on any target device through maliciously crafted PDF files.
This flaw was originally detected by Citizen Lab, which is an interdisciplinary laboratory at the University of Toronto’s Monk School of Global Affairs. The group strongly suggested NSO developed the exploit to bolster their Pegasus malware tool.
The vulnerability possibly might have been exploited in the wild, according to a support document which detailed the updates' security content. It impacted a large range of iPhone and iPad models, including the iPhone 5S, the iPhone 6, the iPhone 6 Plus, the iPad Air, the iPad Mini 2, the iPad Mini 3 and the sixth generation iPod touch.
We developed our own custom comment system, Instant Reply, to deliver a tracker-free, fast and easy experience! No sign up required.