Apple has released more updates to patch a remote-code execution flaw that is being actively exploited. The vulnerability was patched earlier this month in newer devices. However, the Wednesday update, iOS 12.5.6 now makes it possible to patch iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation. The flaw is found in WebKit and can allow attackers to craft malicious Web content that allows an attacker to perform remote code execution on a target’s device.
Apple addressed the flaw as an out of bounds write issue in WebKit. The vulnerability is tracked as CVE-2022-32893 and Apple acknowledged that the bug is under active exploit. Users of affected devices should implement the patch immediately.
Read More: Apple Quietly Releases Another Patch for Zero-Day RCE Bug