If you have an iOS device that can run iOS 12 but not iOS 13, Apple has a security fix for you. iOS 12.4.2 eliminates a vulnerability that could allow a remote attacker to cause an “unexpected application termination or arbitrary code execution,” exactly like Apple’s recent Mac-focused security updates (see “macOS Mojave 10.14.6 Supplemental Update 2,” 27 September 2019 and “Security Update 2019-005 (High Sierra and Sierra),” 27 September 2019). You can get the update, which clocks in at 77.7 MB on an iPhone 5s, in Settings > General > Software Update or through iTunes.
It’s a little unusual for Apple to release updates to versions of iOS other than the current one. But the fact that this vulnerability, which was identified by Google Project Zero, affects both macOS and iOS, and allows a remote attack, suggests that it may be a particularly ugly bug.