Apple has released a security update for iOS 12.5.4 to fix two vulnerabilities exploited in the wild.
The update is available for older generation models iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).
The tech giant confirmed it is aware two WebKit vulnerabilities (CVE-2021-30761 and CVE-2021-30762) have been actively exploited. For both issues, the processing of maliciously crafted web content could lead to arbitrary code execution.
Moreover, Apple patched one additional Security vulnerability CVE-2021-30737.
Late last month, Apple also released updates for iOS 14.6, macOS Big Sur 11.4 and other products. In those updates, a patched macOS Big Sur vulnerability CVE-2021-30713 had been exploited in the wild.
- Apple security updates for iOS 14.6, macOS Big Sur 11.4 and other products – updated
- Apple fixes Boot Camp vulnerability (CVE-2021-30675)
- Apple fixes vulnerabilities under active exploit (CVE-2021-30663 and CVE-2021-30665)
- XCSSET malware now targets Apple’s macOS 11 and M1-based Macs
- Apple iOS 14.4.2 security update fixes zero-day vulnerability exploited in the wild
- North Korea threat actors use AppleJeus malware to steal cryptocurrency
- Apple releases iOS 14.4 with fixes for 3 zero-days exploited in wild (and other security updates)