If you’re still on an Apple gadget running iOS 12, Apple’s rolling out an important security update that patches three vulnerabilities, including some that may have been exploited in the wild.
To get iOS 12.5.4, you can go to Settings, General, and then select Software Update. The devices impacted are the iPhone 5S, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and the 6th generation iPod touch.
According to Apple’s release notes, the patch targets two WebKit vulnerabilities and one “maliciously crafted certificate”—all of which could lead to arbitrary code execution. Apple also says that the two WebKit vulnerabilities may have actively exploited, meaning it’s a good idea for anyone with an older device to download the update. The certificate vulnerability was also patched in iOS 14.6.
While it’s good form to do so, companies aren’t obligated to maintain security updates for older gadgets. Many don’t beyond a specified period, typically 2-5 years depending on the product, that’s buried in the fine print. This particular group of Apple gadgets no longer received new features once iOS 13 dropped in fall 2019 but are still technically functional. All things considered, nearly all of these gadgets launched in 2013 or 2014, making them six or seven years old at this point. (The 6th gen iPod Touch is the “newest” as it launched in 2015.) By today’s standards, these are absolutely ancient.
You might be wondering, who the hell still has an iPhone 6 or 5S anymore? The answer might surprise you. According to DeviceAtlas, at least 5.3% of iPhone users in 2020 had an iPhone 6, 1.55% had an iPhone 5S, and 1.42% had an iPhone 6 Plus. In total, that’s nearly 8.3% of all iPhone users. (If you’re curious, DeviceAtlas says the most popular iPhone by usage is the iPhone 7 globally, and the iPhone XR in the U.S.)
Generally, we recommend that users upgrade once their device is no longer capable of supporting newer software due to aging hardware—or if updating to new software is more trouble than it’s worth. We also strongly recommend upgrading once a company no longer provides security updates. That said, Apple devices are expensive as hell, so it’s nice to see Apple continue to provide these updates for users who may be unable to upgrade.