Apple’s Urgent iOS 15.8.7 Update Counters Exploit Threat

Apple’s Urgent iOS 15.8.7 Update Counters Exploit Threat

Posted on By CWS

Apple has issued a critical security update, iOS 15.8.7, aimed at safeguarding older devices against a significant cyber threat known as the ‘Coruna’ exploit kit. Released on March 11, 2026, this update delivers essential fixes from newer iOS versions to protect legacy hardware from sophisticated attacks.

Understanding the Coruna Exploit Threat

The Coruna exploit kit operates by exploiting multiple vulnerabilities to compromise Apple devices. It targets both the Kernel, which is the core of the device’s operating system, and the WebKit browser engine. This allows attackers to gain complete control over an iPhone or iPad by luring users to malicious websites.

Apple had previously addressed these vulnerabilities in iOS 16 and iOS 17 updates between July 2023 and January 2024. However, the Coruna kit continues to exploit these older flaws, prompting Apple to extend critical patches to devices unable to upgrade to the latest OS versions.

Devices Affected and Security Flaws Fixed

The iOS 15.8.7 update is crucial for users of older Apple models, including iPhone 6s, iPhone 7, iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). The patch addresses four major security vulnerabilities that the Coruna kit leverages.

These vulnerabilities include a Kernel issue (CVE-2023-41974) discovered by researcher Félix Poulin-Bélanger, which involved a use-after-free memory flaw allowing arbitrary code execution. Apple resolved this by enhancing memory management.

Additionally, two WebKit memory corruption issues (CVE-2023-43000 and CVE-2023-43010) and a WebKit type confusion flaw (CVE-2024-23222) were fixed. These flaws could lead to arbitrary code execution upon processing malicious web content, which Apple addressed with improved validation and memory management.

Importance of Timely Updates

The Coruna exploit kit’s ability to initiate web-based attacks makes it a significant risk, as users could be targeted merely by browsing the internet or opening harmful links. The combination of WebKit and Kernel vulnerabilities poses a high-level threat by enabling system privilege escalation.

It is imperative for users of the affected legacy devices to promptly navigate to their device settings and download the iOS 15.8.7 or iPadOS 15.8.7 update. This action will ensure protection against these known security threats.

For continuous updates on cybersecurity, follow us on Google News, LinkedIn, and X. Reach out to us to feature your stories.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Carnival Cruise Data Breach Hits Millions Carnival Cruise Data Breach Hits Millions Cyber Security News
Top 10 Best API Security Testing Tools in 2025 Top 10 Best API Security Testing Tools in 2025 Cyber Security News
FBI Shuts Down LeakBase Cybercrime Hub FBI Shuts Down LeakBase Cybercrime Hub Cyber Security News
Fake Zoom Website Exploits 1,437 Users with Spyware Fake Zoom Website Exploits 1,437 Users with Spyware Cyber Security News
LG Innotek Camera Vulnerabilities Let Attackers Gain Administrative Access LG Innotek Camera Vulnerabilities Let Attackers Gain Administrative Access Cyber Security News
Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams Cyber Security News