Your Old iPhone Needs an Update! iOS 16.7.12 Fixes a Critical Security Flaw

Apple backported a vital security fix to older iPhones and iPads this week to address an issue likely exploited in targeted spyware attacks.

The update – iOS 16.7.12 and iPadOS 16.7.12 – is available for iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.

The update addresses an issue in ImageIO, where iOS reads and writes images.

‘Exploited in an extremely sophisticated attack’

Tracked as CVE-2025-43300, the flaw is described as “an out-of-bounds issue [where] processing a malicious image file may result in memory corruption.”

More importantly, “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals,” the advisory states.

The issue was first addressed last month on newer-generation devices with the release of iOS 18.6.2, and on Macs running macOS Sequoia, macOS Sonoma, and macOS Ventura.

Likely used for surveillance

WhatsApp used similar language when addressing a serious flaw on its end around the same time Apple was rolling out the patch. The timing wasn’t a coincidence: criminals had been exploiting both security flaws, chaining them together:

“We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users,” WhatsApp noted at the time.

Donncha Ó Cearbhaill from Amnesty International chimed in on X to warn that the WhatsApp flaw was a “zero-click” bug – one that could be exploited remotely, with no interaction from the victim.

Healso warned of “early indications […] that the WhatsApp attack is impacting both iPhone and Android users, civil society individuals among them.”

Historically, exploits like these have involved spyware, typically targeting activists, dissidents, political rivals, human rights advocates, investigative journalists and other high-profile people. Apple, Google, and WhatsApp-parent company Meta have been fighting the threat for years.

As we regularly warn, even if you’re not a high-risk person, it’s always a good idea to stay up to date with the latest security patches – you never know when you trip a wire and become a target.

Patch your iGear!

If you’re wielding an older iPhone or iPad capped at iOS 16, go to Settings -> General -> Software Update, and fetch yourself iOS 16.7.12 / iPadOS 16.7.12. When prompted, give your device permission to apply the patch and restart.

For peace of mind, run a dedicated security solution on all your personal devices. On Apple gear, keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might target you.

You may also want to read:

Patch Your iPhones and Macs! Apple Tackles Critical Security Flaw with iOS 18.6.2, macOS Sequoia 15.6.1

WhatsApp Patches Zero-Click Spyware Attack Vector on Android

Apple Warns High-Risk People in 92 Countries They May Be Targeted by Spyware