iOS zero — day vulnerability patched with iOS 12.5.5 update
- Apple released iOS 12.5.5 for older devices to patch zero-day vulnerabilities.
- The update includes a critical fix for a CoreGraphics flaw.
- This vulnerability impacted a wide range of devices such as iPhone 5S, iPhone 6, iPhone 6 Plus, iPad Air, iPad Mini 2, iPad Mini 3, and the sixth-gen iPod Touch.
On September 23, iOS 12.5.5 was released and included a fix for a CoreGraphics flaw which allowed attackers to execute arbitrary code on any target device through maliciously crafted PDF files.
This flaw was originally detected by Citizen Lab, which is an interdisciplinary laboratory at the University of Toronto’s Monk School of Global Affairs. The group strongly suggested NSO developed the exploit to bolster their Pegasus malware tool.
The vulnerability possibly might have been exploited in the wild, according to a support document which detailed the updates' security content. It impacted a large range of iPhone and iPad models, including the iPhone 5S, the iPhone 6, the iPhone 6 Plus, the iPad Air, the iPad Mini 2, the iPad Mini 3 and the sixth generation iPod touch.
Recommended by the editors:
- No More September iPhones? Apple's Strategy Shift Changes Everything
- iPhone 18 Rumors: Apple Reportedly Testing Under Display Face ID
- Foldable iPhone Could Be Apple’s Most Expensive Phone Ever At $2,399
- 200+ Best Winter Wallpapers for iPhone & Android (Free 4K/HD)
- iPhone Fold and iPhone Air 2: Rumors, Release Date, Design, Cameras, and More
Published to Apple Scoop on 24th September, 2021.
