Props to Google Project Zero for finding the vulnerabilities that lead to these Apple security updates.
The updates are available for these older devices »
- iPad Air
- iPad mini 2
- iPad mini 3
- 6th gen iPod touch
- iPhone 5s
- iPhone 6
- iPhone 6 Plus
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero
The update is for iOS 12 devices that cannot upgrade to iOS 13, macOS Mojave 10.14.6, macOS High Sierra 10.13.6, and macOS Sierra 10.12.6.