Comments
Apple has released a software upgrade with key security updates for older iPhones.
The tech giant is rolling out its OS update version iOS 12.5.4 for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).
The update addresses certain insecurity problems including two WebKit issues.
WebKit is the browser engine that is used in the Safari browser across all Apple devices.
One of the issues addressed in the update includes a memory corruption issue dubbed ‘CVE-2021-30737: xerub.’
“A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code,” reads the description of the vulnerability on the support page.
“ Processing a maliciously crafted certificate may lead to arbitrary code execution,” Apple said.
It has also addressed certain WebKit vulnerabilities which it believes may have been actively exploited.
This includes CVE-2021-30761 which is “a memory corruption issue” that was addressed with improved state management.
“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,” Apple said.
Another vulnerability CVE-2021-30762 was a use after free issue.
Apple described the impact of the vulnerability as, “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.”
Comments
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.