iOS 12 was introduced in September 2018, but Apple has just released an important security update. If you are still running iOS 12 you should update now.
Apple released iOS 12.5.3 on 3 May 2021. There are no new features, but, according to the security notes, Apple has fixed four bugs in Webkit and Webkit memory. Two of these vulnerabilities, CVE-2021-30665 and CVE-2021-30663, were also found in iOS 14.5 and macOS Big Sur 11.3, watchOS 7.4.1 only fixed one of them: CVE-2021-30665.
The company also updated macOS to 11.3.1, iOS and iPadOS to 14.5.1 and watchOS to 7.4.1. tvOS was not touched.
All four holes were being used by attackers, according to Apple’s support notes. If the user opened a specially prepared page, the system could execute illegal code in the background. This code execution opened the door to other attacks on data and the system.
Apple does not usually reveal exactly who the attacks were against. Employees of Chinese IT company Qihoo 360, which sells anti-virus software, discovered the vulnerabilities and users on Twitter speculate that the gaps have been actively exploited in China.
It is advisable to update all Apple systems to the latest versions.
iOS 12 is possibly Apple's longest-maintained mobile operating system. In December 2020 Apple brought released version iOS 12.5, which enabled Apple's contact tracking APIs to also be used on older iPhones such as the iPhone 6. iOS 12 was also updated in January when the iOS 12.5.1 update fixed a problem in Messages. iOS 12.5.2 arrived on 30 March, in that case Apple fixed a problem with WebKit after Apple became aware of an exploit where maliciously crafted web content could lead to universal cross site scripting.
This article originally appeared on Macwelt. Translation by Karen Haslam.