Particle.news
Download on the App Store
21 ARTICLES
·
4h ago

Apple Backports Coruna Exploit Fixes in iOS 16.7.15 and 15.8.7 for Older iPhones and iPads

CISA has set a March 26 deadline for federal agencies to patch after researchers detailed Coruna’s multi‑chain iOS attacks.

Image
Apple's iPhone 13 lineup shipped with iOS 15 out-of-the-box
Latest iOS 15 & iOS 16 updates target Coruna exploit
Apple releases new update to older devices (File Photo: Reuters)

Overview

  • Apple confirmed the updates address WebKit and kernel flaws tied to Coruna, backporting protections previously shipped in newer iOS releases.
  • iOS/iPadOS 15.8.7 fixes CVE-2023-41974 (kernel) plus WebKit issues CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010; iOS/iPadOS 16.7.15 addresses CVE-2023-43010.
  • Eligible devices include iPhone 6s, 7, first‑gen SE, 8, 8 Plus, X, several older iPads, and iPod touch (7th gen), with installation available via Settings > General > Software Update.
  • Google and iVerify described Coruna as five exploit chains leveraging about 23 vulnerabilities to target iOS 13.0 through 17.2.1, with reuse by state‑linked and criminal actors.
  • CISA added related CVEs to its Known Exploited Vulnerabilities catalog and ordered Federal Civilian Executive Branch agencies to remediate by March 26, urging immediate updates.