Apple released a set of security-only updates for older iPhone and iPad operating systems on Monday, a move that is rare for the company after a platform has stopped receiving new features.
At a Glance
- Apple pushed updates for iOS 12.5.8, iOS 15.8.6, and iOS 16.7.13.
- The updates renew expired security certificates, keeping core services functional.
- Devices eligible for the patches include models as old as the 2013 iPhone 5S.
- The changes do not add features or fix vulnerabilities.
- Why it matters: Users with legacy hardware can continue using iMessage, FaceTime, and Apple ID sign-in past the certificate expiry in January 2027.
Apple’s support for older hardware typically ends with the last major OS release, after which the company offers only security-only patches for a year or two. When those patches are exhausted, Apple rarely revisits the older operating systems. The latest batch of updates broke that pattern.
The Patch Rollout
Apple’s release notes for the new patches state that the only change is an updated security certificate. The certificate ensures that iMessage, FaceTime, and Apple account sign-in will remain operational after the original certificate expires in January 2027. The updates are:
| OS Version | Devices Covered | Release Note Detail |
|---|---|---|
| iOS 12.5.8 | iPhone 5S (2013) through iPhone 6 (2014) | Certificate renewal |
| iOS 15.8.6 | iPhone 6S, iPhone 7, iPad Air 2 | Certificate renewal |
| iOS 16.7.13 | iPhone 8, iPhone X | Certificate renewal |
Apple’s most recent iOS 18.7.4 update also updates its certificate, but that is expected as iOS 18 is still actively patched for newer devices.
Why the Certificate Matters
Security certificates are digital keys that authenticate a device’s connection to Apple’s services. When a certificate expires, services that rely on it-like iMessage or FaceTime-stop working. By pushing a new certificate, Apple guarantees that even devices stuck on older operating systems can keep using these essential features.
Apple’s release notes note that the iOS 16 update does not mention the certificate, and there is no equivalent update for devices on iOS 17. This suggests a selective approach to legacy support, focused on the most widely used older versions.
Device Capabilities and Limitations
While the updates keep core services alive, they do not address broader security or functionality gaps. Devices running iOS 12, 15, or 16 typically have only 1-2 GB of RAM and run Safari versions missing modern web security patches. Third-party app developers usually drop support for these OS versions after a year or two, making the devices less useful as general-purpose smartphones or tablets.
Despite these limitations, many users repurpose old iPhones and iPads as single-use appliances-such as a dedicated messaging device or a white-noise machine for children. The new patches help keep these secondary uses viable.
The Bigger Picture
Apple’s decision to issue these patches indicates a willingness to extend the usable life of older hardware beyond the usual two-year window. The company’s policy of providing only security-only updates after a platform’s end of life is a common industry practice, but Apple’s recent action shows that it will occasionally make exceptions.
For consumers, the updates mean that a device as old as the iPhone 5S can still participate in Apple’s ecosystem for a few more years. For Apple, it demonstrates a commitment to maintaining a minimal level of functionality for legacy devices, which can reduce electronic waste and support users who rely on older hardware.
Key Takeaways
- Apple issued security-only updates for iOS 12.5.8, iOS 15.8.6, and iOS 16.7.13.
- The updates renew expired certificates, preserving iMessage, FaceTime, and Apple ID sign-in.
- No new features or vulnerability fixes are included.
- Legacy devices remain functional for core services until at least January 2027.
- The move reflects Apple’s selective approach to extending support for older operating systems.
This story originally appeared on Megan L. Whitfield.
