The last update issued by Apple only partially fixed the two vulnerabilities exploited in the Masque Attack (CVE-2015-3722/3725) The two exploits were dubbed Manifest Masque and Extension Masque. They can be used to demolish apps, including system apps (e.g., Apple Watch, Health, Pay and so on), and to break the app data container. Around one-third of iOS devices still have not updated to versions 8.1.3 or above, leaving the devices open to the attacks.”]
Source: https://securityaffairs.co/wordpress/38219/hacking/apple-partially-fix-masque-attack.html