Apple Releases Emergency iOS 15.8.7 Update to Block ‘Coruna’ Exploit Kit
Apple has released an urgent security update, iOS 15.8.7 and iPadOS 15.8.7, to safeguard older iPhones and iPads against the Coruna exploit kit threat.
Announced on March 11, 2026, this critical patch backports key security fixes originally developed for newer iOS 16 and iOS 17 devices onto older hardware incapable of upgrading to the latest OS versions.
As older devices cannot access future mainstream updates, Apple periodically provides emergency security updates for severe vulnerabilities.
This update resolves four distinct vulnerabilities within the device’s Kernel and WebKit engine, which threat actors could chain together to execute malicious code and compromise unpatched systems.
The Coruna Exploit Kit Threat
The Coruna exploit kit leverages memory corruption and use-after-free vulnerabilities.
Attackers target users via malicious web content to trigger these flaws, bypassing security sandboxes. Once outside the sandbox, the exploit elevates privileges to the Kernel level, giving attackers full control over the compromised iPhone or iPad.
Apple counters this threat by backporting four critical fixes to iOS 15.
The update patches one Kernel vulnerability and three flaws in WebKit, Apple’s browser engine powering Safari and all third-party iOS browsers. The resolved issues include:
- CVE-2023-41974 (Kernel): A use-after-free bug found by Félix Poulin-Bélanger, allowing malicious code execution with kernel-level privileges. Mitigated by improved memory management (originally fixed in iOS 17 in Sept 2023).
- CVE-2024-23222 (WebKit): A severe type confusion flaw enabling arbitrary code execution via malicious web content. Mitigated by enhanced security checks (originally fixed in iOS 17.3 in Jan 2024).
- CVE-2023-43000 (WebKit): A use-after-free vulnerability causing memory corruption from malicious webpages. Mitigated by improved memory management (originally fixed in iOS 16.6 in July 2023).
- CVE-2023-43010 (WebKit): A memory handling issue leading to corruption from malicious web content. Mitigated by improved memory handling (originally fixed in iOS 17.2 in Dec 2023).
Affected Devices
This emergency update is exclusively for older Apple devices no longer receiving standard iOS updates. The affected hardware includes:
- iPhone 6s (all models).
- iPhone 7 (all models).
- iPad Air 2.
- iPad mini (4th generation).
- iPod touch (7th generation).
Owners of these older devices are strongly advised to install the update immediately.
Given that the vulnerabilities exploited by the Coruna kit have been publicly patched on newer devices for several months, even years, threat actors have had ample time to analyze the code and develop reliable attack chains.
To install the patch, users should navigate to Settings > General > Software Update to download and apply iOS 15.8.7 or iPadOS 15.8.7.