Apple Inc. has recently issued an urgent security update, denoted as iOS 15.8.7 and iPadOS 15.8.7, aimed at safeguarding users with older iPhones and iPads against a serious cyber threat identified as the Coruna exploit kit. This release, made available on March 11, 2026, serves as a critical patch that integrates several important security enhancements that were previously reserved for newer operating systems, specifically iOS 16 and iOS 17.
Typically, older Apple hardware cannot be upgraded to the latest versions of their operating systems. Consequently, Apple has made provisions to issue lifeline updates like this one to mitigate significant vulnerabilities affecting these devices. The latest update specifically targets four distinct security vulnerabilities spread across the device’s Kernel and the WebKit engine. These vulnerabilities possess the potential to be exploited in sequence, allowing attackers to execute harmful code and take control over unprotected systems.
Understanding the Coruna Exploit Kit Threat
The Coruna exploit kit represents an advanced cyber threat that exploits previously known vulnerabilities, including memory corruption and use-after-free flaws. Attackers can leverage these weaknesses by delivering maliciously crafted web content designed to fool users. When users access such content, they inadvertently trigger these flaws, which subsequently bypass security measures intended to protect the device. Once inside the security sandbox, attackers can then exploit the vulnerabilities to target the device’s Kernel, thereby gaining elevated privileges and significant control over the compromised iPhone or iPad.
To counter this emerging threat, Apple has incorporated four essential security fixes into the latest iOS 15 ecosystem update. The fixes address a pair of vulnerabilities found in the Kernel and three vulnerabilities associated with WebKit, the underlying engine that powers both Apple’s Safari browser and other third-party browsers utilized on iOS platforms. The key vulnerabilities addressed in this emergency update are as follows:
-
CVE-2023-41974 (Kernel): Identified by Félix Poulin-Bélanger, this use-after-free vulnerability enabled malicious applications to execute arbitrary code with full kernel privileges. Apple rectified this issue by improving memory management protocols, which were initially deployed in iOS 17 back in September 2023.
-
CVE-2024-23222 (WebKit): This type confusion vulnerability posed a severe risk, as processing harmful web content could lead to unauthorized code execution. Apple bolstered security checks to resolve this vulnerability, which was first addressed for newer devices in iOS 17.3 released in January 2024.
-
CVE-2023-43000 (WebKit): Another critical use-after-free vulnerability, this issue could have resulted in memory corruption when users stumbled upon a malicious webpage. Apple subsequently improved memory management to mitigate this threat. This patch first appeared in iOS 16.6 in July 2023.
- CVE-2023-43010 (WebKit): Similar to the aforementioned vulnerabilities, this memory handling issue was also associated with the processing of nefarious web content, leading to potential memory corruption. Apple resolved this flaw through enhanced memory handling, with the initial fix appearing in iOS 17.2 in December 2023.
Devices Affected by the Update
This emergency security update is primarily designed for older Apple hardware that is no longer eligible for standard iOS updates. The devices affected by this crucial update include:
- iPhone 6s (all models)
- iPhone 7 (all models)
- iPhone SE (1st generation)
- iPad Air 2
- iPad mini (4th generation)
- iPod touch (7th generation)
Users currently operating these legacy devices are strongly encouraged to update their operating systems immediately. It is noteworthy that the vulnerabilities exploited by the Coruna exploit kit have been publicly known and patched in newer device versions for several months, and in some instances, years. This time frame has potentially allowed threat actors sufficient opportunity to analyze the underlying code and develop reliable methods for exploitation.
To install this essential patch, users should navigate to their device’s Settings, tap on General, and select Software Update to download and apply iOS 15.8.7 or iPadOS 15.8.7 immediately. By staying proactive and ensuring their devices are updated, users can better defend themselves against increasingly sophisticated threats in the digital landscape.