iOS 12.5.6 has been released with security updates and bug fixes for devices unable to update to iOS 15.
This is the first update to iOS 12 since September 2021, when Apple patched an issue that enabled maliciously crafted PDFs, web content, and apps to execute code. The latest update addresses an exploit that has been patched in iOS 15 since the last update.
Apple provides periodic updates to older iPhones, iPads, and iPods that are not able to update past iOS 12. These updates do not provide any significant feature change or user-facing UI, but provide protection against known exploits that older devices may be vulnerable to.
Apple's security update website states the following:
CVE-2022-32893 filed by an anonymous researcher.
Update available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds checking.
The reported vulnerability patched in the update was one of two critical security issues patched in iOS 15.6.1. The second vulnerability, CVE-2022-32894, does not affect iOS 12.
The build number for iOS 12.5.6 is 16H71, up from 16H62.
Owners of the iPhone 6 or earlier will be alerted that an update is available. Navigate to the Settings app, General, then select Software Update to install iOS 12.5.6.
Source: Appleinsider