If You Have One of These Older Apple Devices, Update It As Soon As Possible.
If you have an older Apple device that doesn’t support the latest operating system, you may not receive all the security updates released for the latest version of iOS—or at least not at the same time. Apple just released a patch for older devices that addresses a number of bugs already fixed in updates for newer models. Many of these bugs were used in zero-day attacks, so if you have one of the affected devices, you should install these updates as soon as possible.
Zero-day vulnerabilities have been patched with an update for older iPhone and iPad models.
As reported by BleepingComputer, the March 11securityupdate addresses vulnerabilities used for cyberespionage and cryptocurrency theft. These vulnerabilities are part of the Coruna exploit kit , a spyware and surveillance software package containing a total of 23 exploits targeting iOS versions from 13.0 to 17.2.1. Researchers at Google Threat Intelligence Group observed its use by state-backed Russian hackers, surveillance software vendors, and a Chinese threat actor.
The vulnerabilities Apple is patching allow attackers to escalate kernel privileges or achieve remote code execution on affected devices. These include CVE-2023-43010, CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010, all of which affect WebKit, as well as CVE-2023-41974, a kernel vulnerability.
The update applies to older models running iOS 15.8.7/16.7.15 and iPadOS 15.8.7/16.7.15:
-
iPhone 6s
-
iPhone 7
-
iPhone SE (1st generation)
-
iPhone 8
-
iPhone 8 Plus
-
iPhone X
-
iPad Air 2
-
iPad Mini (4th generation)
-
iPod Touch (7th generation)
-
iPad (5th generation)
-
iPad Pro 9.7-inch
-
iPad Pro 12.9-inch (1st generation)
In February of this year, Apple patched another zero-day vulnerability in iOS 26, iPadOS 26, and macOS Tahoe that the company claimed could have been used in an “extremely sophisticated attack against specific targeted individuals.”