Apple Releases Security Update for Older iPhones and iPads

Publication Date: 13.03.2026

Rate this article:

4.9/5 ( 89 votes )

Table of Contents:

Apple has released security updates for older iPhones and iPads to address vulnerabilities targeted by the Coruna exploit kit, which has been used in cyber espionage and cryptocurrency theft attacks since February 2025. These patches cover devices that cannot run the latest iOS version and have not benefited from previous fixes applied to newer hardware.

In security announcements published on Wednesday, Apple stated that this update brings the fix to devices that cannot be updated to the latest iOS version.

Apple Begins Fixing Coruna Vulnerabilities Used in Real Attacks Since Early 2025

The Coruna exploit kit has reportedly been linked to several attack campaigns since early 2025. Security researchers say that this kit contains multiple exploit chains that can execute code remotely or gain kernel-level privileges on vulnerable devices.

Apple's updates address several vulnerabilities targeted by the framework, including:

CVE-2023-41974: A use-after-free vulnerability in the kernel, reportedly fixed with improved memory management
CVE-2024-23222: A WebKit type confusion issue addressed with improved controls
CVE-2023-43000: A use-after-free vulnerability in WebKit
CVE-2023-43010: A WebKit memory management error

Many of these issues had been previously fixed in newer iOS versions but had not yet been patched on older devices.

Devices Affected by the Coruna Exploit Kit

The updates apply to devices running iOS 15.8.7 and iPadOS 15.8.7, as well as iOS 16.7.15 and iPadOS 16.7.15. The affected hardware includes:

iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPhone 8, iPhone 8 Plus, and iPhone X
iPad Air 2, iPad mini (4th generation), iPad (5th generation), iPad Pro 9.7-inch, iPad Pro 12.9-inch (1st generation), and iPod touch (7th generation)

Three Threat Groups Using the Coruna Exploit Kit

According to a statement by the Google Threat Intelligence Group (GTIG), the Coruna exploit kit has been used by at least three different threat groups since February 2025. These include a suspected Russian state-sponsored group tracked as UNC6353, a surveillance vendor client, and a financially motivated Chinese threat actor tracked as UNC6691.

UNC6691 delivered malware that stole cryptocurrency wallet data from infected devices by distributing the exploit kit through fake gambling and cryptocurrency websites.

CISA Orders U.S. Agencies to Patch Vulnerabilities Used by Coruna

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added several vulnerabilities exploited by Coruna to its Known Exploited Vulnerabilities catalog.

Federal agencies have been instructed to apply patches to affected devices by March 26. Apple recommends that users update their devices as soon as possible to protect against these vulnerabilities; they only need to follow Settings > General > Software Update to update.

Apple has not indicated whether additional backported patches for this exploit kit are planned.

Comments

(7 Comments)

AY

Aylin Yıldız

It's nice to receive security updates for old devices, but it's sad that it's so late.
KA

Kerem Acar

Apple needs to continuously track these updates. Old devices are important too.
SG

Seda Gökçe

The widespread use of the Coruna exploit kit is frightening. How will we ensure our security?
MC

Mertcan Civelek

I will update immediately; I don't want security vulnerabilities on my old device.
ZT

Zeynep Tüfekçi

Are these updates sufficient for old devices? Or do I need to buy a new device?
EK

Erdal Kılıç

Apple's support for old devices is commendable. I hope these kinds of updates continue.
PK

Poyraz Karanfil

It's important to make security updates on time. I hope other brands take example.