Apple has released new software updates designed to deliver a Coruna Exploit Fix for older iPhone models still running iOS 16 and iOS 15. The updates address serious vulnerabilities discovered in Apple’s mobile operating system that could allow attackers to compromise devices.
The Coruna Exploit Fix forms part of Apple’s ongoing effort to protect users who continue to rely on older devices that cannot upgrade to the latest versions of iOS. The company also released similar security updates for older iPad models running iPadOS 16 and iPadOS 15.
Coruna Exploit Fix Targets Older iPhone Models
The Coruna Exploit Fix comes through several software updates, including iOS 16.7.15 and iOS 15.8.7. Apple also rolled out iPadOS 16.7.15 and iPadOS 15.8.7 to extend protection to compatible tablets.
Security researchers recently disclosed the Coruna exploit after identifying multiple vulnerabilities affecting Apple’s operating system. According to the findings, attackers could combine these flaws to gain unauthorized control of a device.
The exploit chain targets devices running versions between iOS 13 and iOS 17.2.1, which were released between 2019 and late 2023. Because many older iPhones remain on earlier operating systems, Apple issued the updates to ensure these devices also receive protection.
Coruna Exploit Fix Addresses Kernel Vulnerabilities
One of the most serious issues addressed by the Coruna Exploit Fix involves a kernel-level vulnerability. This flaw could allow malicious apps to execute arbitrary code with elevated system privileges.
Apple explained that the vulnerability resulted from a use-after-free bug within the kernel. Developers resolved the issue by improving memory management in the operating system.
The vulnerability is tracked as CVE-2023-41974. If exploited, attackers could potentially gain deep system access and bypass multiple security protections.
By delivering the Coruna Exploit Fix, Apple aims to prevent malicious applications from exploiting this weakness.
Coruna Exploit Fix Patches WebKit Security Flaws
The Coruna Exploit Fix also addresses several vulnerabilities in WebKit, the browser engine that powers Safari and many apps on iPhone and iPad devices.
These flaws could allow malicious web content to trigger memory corruption or execute unauthorized code. Attackers might exploit these issues through specially crafted websites.
One of the WebKit vulnerabilities, identified as CVE-2024-23222, resulted from a type confusion issue. Apple corrected the problem by adding stronger validation checks.
Other WebKit flaws included CVE-2023-43000 and CVE-2023-43010. These issues involved memory handling errors that attackers could use to compromise affected devices.
Apple previously addressed some of these vulnerabilities in newer operating system versions. However, the latest update ensures older devices now receive the same protections.
What the Coruna Exploit Means for iPhone Security
The Coruna exploit was discovered earlier this month by researchers from Google’s Threat Intelligence Group. According to the researchers, the attack combines multiple vulnerabilities into a sophisticated exploit chain.
In total, the exploit links together five separate iOS exploit chains and uses 23 vulnerabilities. When combined, these weaknesses could allow attackers to bypass several layers of Apple’s built-in security protections.
Once triggered, the exploit might allow malicious actors to gain deeper access to a device and execute harmful code.
The Coruna Exploit Fix therefore plays a crucial role in preventing such attacks.
How to Install the Coruna Exploit Fix Update
Apple recommends that users install the Exploit Fix immediately if their device is eligible for the update.
Users can install the update by following these steps:
Open the Settings app on the iPhone
Tap General and select Software Update
Wait while the device checks for available updates
Tap Download and Install
Accept the terms and conditions and allow the installation to complete
The device may restart several times during the installation process.
Keeping devices updated with the latest security patches helps protect personal data and prevents attackers from exploiting known vulnerabilities.
