iOS 12.5.5 update blocks Pegasus spyware from older iPhones

By

iOS 12.5.5 update blocks Pegasus spyware from older iPhones
Install iOS 12.5.5 on your older iPhone to protect it from the Pegasus spyware.
Photo: Андрей Сидоренко/Pixabay/Cult of Mac

iPhone models that can’t install iOS 14 or iOS 15 can still get protection from the infamous Pegasus spyware thanks to iOS 12.5.5. Apple released this update Thursday for devices as old as the iPhone 5s to close a security hole in active use by hackers.

The same update can also be installed on older iPad and iPod touch models.

iOS 12.5.5 closes security holes in active use

Apple introduced iOS 14.8 in mid-September to fix the security flaws used by Pegasus. And this week’s iOS 15 release includes the same fixes. But many older models can’t install either of those. They can use iOS 12.5.5, however.

According to Apple, the security patch released Thursday is for the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).

Slaying Pegasus

Apple’s support website gives the details on what’s been fixed. There are a number of patches in iOS 12.5.5, but the most important one is to CoreGraphics. Previously, a hole allowed a hacker to break into an device with a deliberately crafted PDF.

As noted by the support document, “Apple is aware of a report that this issue may have been actively exploited.” The Citizen Lab first discovered the flaw in an iPhone that had been hacked with Pegasus. This spyware was developed by NSO Group and is being used by governments around the world to hack the smartphones of activists, politicians, journalists and other individuals.

Installing iOS 12.5.5 is therefore highly recommended. More recent devices should get either iOS 15 or iOS 14.8.

That said, it’s not yet been proven that fixing the security hole found by The Citizen Lab will completely block Pegasus. But the spyware was undoubtedly using it.