Apple releases iOS 12.5.4 with security updates for older devices
What you need to know
- Apple has released iOS 12.5.4 to a number of iPhone, iPad, and iPod touch models.
- The update addresses some security issues that may have been actively exploited.
If you have an older iPhone, iPad, or iPod touch, you may want to install the new iOS 12.5.4 software update.
iOS 12.5.4, which has been added to the Apple Security Updates page, is available for the following iPhone, iPad, and iPod touch models:
- iPhone 5s
- iPhone 6
- iPhone 6 Plus
- iPad Air
- iPad mini 2
- iPad mini 3
- iPod touch (6th generation)
Apple says that the update was released in order to address a few security issues that may have been exploited in the wild. One particular update address a memory corruption issue that could cause arbitrary code execution.
You can read all of the details about the security content of iOS 12.5.4 below:
Security
- Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
- Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution
- Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.
- CVE-2021-30737: xerub
WebKit
- Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: A memory corruption issue was addressed with improved state management.
- CVE-2021-30761: an anonymous researcher
WebKit
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
- Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: A use after free issue was addressed with improved memory management.
- CVE-2021-30762: an anonymous researcher
Users with the above devices can download the iOS 12.5.4 update now.
Joe Wituschek is a Contributor at iMore. With over ten years in the technology industry, one of them being at Apple, Joe now covers the company for the website. In addition to covering breaking news, Joe also writes editorials and reviews for a range of products. He fell in love with Apple products when he got an iPod nano for Christmas almost twenty years ago. Despite being considered a "heavy" user, he has always preferred the consumer-focused products like the MacBook Air, iPad mini, and iPhone 13 mini. He will fight to the death to keep a mini iPhone in the lineup. In his free time, Joe enjoys video games, movies, photography, running, and basically everything outdoors.