Apple released an out-of-band iOS update for older iPhones and iPads and warned that threat actors are actively exploiting two flaws in WebKit. The IT giant also warned that some vulnerabilities affecting its WebKit may have been actively exploited. Apple did not share details of the attacks that targeted older models of Apple iPhone devices. The iOS 12.5.4 patch addressed at least three vulnerabilities that could be exploited by threat actors to execute arbitrary code on vulnerable devices. It also addressed a memory corruption issue in the ASN.1 decoder.”]
Source: https://securityaffairs.co/wordpress/118970/security/apple-fixed-webkit-flaws.html