Apple has rolled out new updates for iOS 15 and iOS 16 that effectively neutralize the Coruna exploit threatening older iPhone models. This exploit, believed to originate from a state-sponsored hacking tool leaked onto the black market, has been weaponized by cybercriminals to hijack devices and siphon cryptocurrency. The latest fixes bring security protections to iPhones as far back as the iPhone 6s, closing a loophole in Apple’s WebKit browser engine that allowed hackers to compromise devices through malicious links or emails.
The December 2023 update with iOS 17.2 initially patched the exploit on newer iPhones, but these recent iOS 15.8.7 and iOS 16.7.15 releases extend protection to users on older operating systems. Apple addressed specific vulnerabilities, including CVE-2023-43010 related to WebKit, along with other kernel and browsing engine issues exploited by Coruna. iPad users are not left out either, with corresponding updates for iPadOS 15.8.7 and 16.7.15.
Coruna’s origin as an expensive government-grade hack tool means it likely targets users selectively rather than en masse. However, its presence in the wild and modifications by malicious actors to steal cryptocurrency funds highlight the dangers of outdated software. Apple’s swift patching underscores the importance of keeping devices updated, especially older models that often miss out on critical security updates.
To stay secure against evolving threats like Coruna, users with older iPhones should ensure they install the latest available software updates. Those managing devices that might not notify them of these updates should assist in manually applying the patches to avoid exposure to this sophisticated exploit.