When iOS 15 was released, Apple stopped releasing regular updates for iOS 12.
Apple is releasing a rare security update for older iPhones and iPads that are still running iOS 12, an operating system that hasn’t received a security update in nearly a year. The iOS 12.5.6 update addresses a single “actively exploited” WebKit bug that could lead to arbitrary code execution if a user comes into contact with “maliciously crafted web content” on their device.
iOS 12.5.6 is now available for all devices that support iOS 12 but cannot be updated to a newer version of iOS or iPadOS. The iPhone 5S, iPhone 6 and 6 Plus, the original iPad Air, the iPad mini 2 and iPad mini 3, and the sixth-generation iPod Touch are all on the list.
This is the same “actively exploited” zero-day WebKit vulnerability that Apple patched in newer iOS and macOS versions a couple of weeks ago—not an ideal time gap for an actively exploited bug, but it was probably justified by iOS 12’s age and dwindling usage share (as of this writing, Apple’s developer site says that about 4% of actively used iPhones and 10% of actively used iPads run a version older than iOS/iPadOS 14). Apple claims that iOS 12 devices are not affected by the kernel vulnerability patched in the previous update.
It’s not unheard of for Apple to release minor updates for old, unsupported iDevices when something serious occurs; for example, in 2019, both iOS 9 and iOS 10 were updated long after their expiration dates to fix a GPS bug. After iOS 13 was released, these same iOS 12 devices received security updates for nearly two years. If you still use an iPhone 5S or iPad Air as a Netflix screen or for some other specialised task, make sure to download the new update.