iOS 12.5.4 Update Released for Older iPhone & iPad Models with Security Fixes
Apple has released iOS 12.5.4 with important security fixes for older iPhone and iPad models.
The iOS 12.5.4 update is available for devices that are not capable of running later iOS and iPadOS versions, including the latest iOS 14.6 and iPadOS 14.6 release.
Specifically, iOS 12.5.4 is available for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation. Other devices will not find an update available.
How to Download & Update iOS 12.5.4
Be sure to backup the device before updating. Users with an eligible device an update to iOS 12.5.4 by doing the following:
- Open the “Settings” app on iPhone or iPad
- Go to “General”, then choose “Software Update”
- Choose to “Download and Install” when “iOS 12.5.4” shows as available
The iPhone or iPad will reboot to complete installation.
No features or changes are included, this is only a security update.
iOS 12.5.4 IPSW Download Links
Advanced users can also choose to download and use IPSW files for iOS 12.5.4:
- Updating…
Security release notes for the iOS 12.5.4 are as follows, via Apple:
Security
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution
Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.
CVE-2021-30737: xerubWebKit
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved state management.
CVE-2021-30761: an anonymous researcherWebKit
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A use after free issue was addressed with improved memory management.
CVE-2021-30762: an anonymous researcher
Because of the nature of the security fixes being addressed, it’s recommended for all users of older devices to install the iOS 12.5.4 update as soon as possible.
