iOS zero-day vulnerability patched with iOS 12.5.5 update
- Apple released iOS 12.5.5 for older devices to patch zero-day vulnerabilities.
- The update includes a critical fix for a CoreGraphics flaw.
- This vulnerability impacted a wide range of devices such as iPhone 5S, iPhone 6, iPhone 6 Plus, iPad Air, iPad Mini 2, iPad Mini 3, and the sixth-gen iPod Touch.
On Tuesday, Apple pushed out updates for older versions of iOS and MacOS. These updates were sent out to patch the zero-day vulnerabilities, which include a bug that was likely exploited in the wild by NSO group's Pegasus spyware.
On September 23, iOS 12.5.5 was released and included a fix for a CoreGraphics flaw which allowed attackers to execute arbitrary code on any target device through maliciously crafted PDF files.
This flaw was originally detected by Citizen Lab, which is an interdisciplinary laboratory at the University of Toronto’s Monk School of Global Affairs. The group strongly suggested NSO developed the exploit to bolster their Pegasus malware tool.
The vulnerability possibly might have been exploited in the wild, according to a support document which detailed the updates' security content. It impacted a large range of iPhone and iPad models, including the iPhone 5S, the iPhone 6, the iPhone 6 Plus, the iPad Air, the iPad Mini 2, the iPad Mini 3 and the sixth generation iPod touch.
Recommended by the editors:
Thank you for visiting Apple Scoop! As a dedicated independent news organization, we strive to deliver the latest updates and in-depth journalism on everything Apple. Have insights or thoughts to share? Drop a comment below—our team actively engages with and responds to our community. Return to the home page.Published to Apple Scoop on 24th September, 2021.
No password required
A confirmation request will be delivered to the email address you provide. Once confirmed, your comment will be published. It's as simple as two clicks.
Your email address will not be published publicly. Additionally, we will not send you marketing emails unless you opt-in.