Apple Releases Emergency iOS 15.8.7 Update to Block ‘Coruna’ Exploit Kit


Apple has rolled out an emergency security update, iOS 15.8.7 and iPadOS 15.8.7, to protect users of older iPhones and iPads from a sophisticated threat known as the Coruna exploit kit.

Released on March 11, 2026, this critical patch backports several major security fixes that were previously issued for newer devices running iOS 16 and iOS 17.

Because older hardware cannot upgrade to the latest operating systems, Apple occasionally provides lifeline updates to patch severe flaws.

This latest release addresses four distinct vulnerabilities across the device’s Kernel and WebKit engine that attackers could chain together to execute malicious code and compromise unpatched systems.

The Coruna Exploit Kit Threat

The Coruna exploit kit relies on known memory corruption and use-after-free vulnerabilities.

By targeting users with maliciously crafted web content, attackers can trigger these flaws to bypass security sandboxes.

Once out of the sandbox, the exploit targets the device’s Kernel to elevate privileges, granting the attacker extensive control over the compromised iPhone or iPad.

To combat this, Apple has backported four critical fixes to the iOS 15 ecosystem.

The update addresses one Kernel vulnerability and three flaws within WebKit, Apple’s browser engine that powers Safari and all third-party browsers on iOS. The fixed vulnerabilities include:

  • CVE-2023-41974 (Kernel): Discovered by Félix Poulin-Bélanger, this use-after-free issue allowed malicious applications to execute arbitrary code with maximum kernel privileges. Apple addressed this by improving memory management. This fix was originally deployed in iOS 17 in September 2023.
  • CVE-2024-23222 (WebKit): A severe type confusion vulnerability where processing maliciously crafted web content could lead to arbitrary code execution. Apple improved security checks to patch this flaw, which was initially fixed for newer devices in iOS 17.3 in January 2024.
  • CVE-2023-43000 (WebKit): A use-after-free vulnerability capable of causing memory corruption when users visit a malicious webpage. Apple mitigated the threat with improved memory management. This patch was first shipped in iOS 16.6 in July 2023.
  • CVE-2023-43010 (WebKit): Another memory handling issue tied to processing malicious web content, which could also lead to memory corruption. This was resolved with improved memory handling and was originally fixed in iOS 17.2 in December 2023.

Affected Devices

This emergency update is specifically designed for older Apple hardware that is no longer eligible for mainline iOS updates. The affected devices include:

  • iPhone 6s (all models).
  • iPhone 7 (all models).
  • iPhone SE (1st generation).
  • iPad Air 2.
  • iPad mini (4th generation).
  • iPod touch (7th generation).

Users operating these older devices are strongly urged to update their operating systems immediately.

Because the vulnerabilities leveraged by the Coruna exploit kit have been public and patched on newer devices for several months, and in some cases years, threat actors have had ample time to understand the underlying code and develop reliable attack chains.

To install the patch, users should navigate to Settings, tap General, and select Software Update to download and apply iOS 15.8.7 or iPadOS 15.8.7.
