Apple has introduced significant security updates for iOS and iPadOS, namely versions 16.7.15 and 15.8.7, which tackle the recently uncovered Coruna vulnerability. This exploit, brought to light by Google and iVerify, targets iPhones operating on earlier iOS versions by exploiting several vulnerabilities.
### Prompt Reaction to Coruna Exploit
The Coruna exploit employs five exploit chains and 23 vulnerabilities impacting devices that run iOS versions from 13 to 17.2.1. After the public revelation of this exploit, Apple swiftly released updates to bolster security for older devices unable to upgrade to the newest iOS versions.
### Overview of Security Content
Apple’s updates comprise essential fixes for kernel and WebKit vulnerabilities associated with the Coruna exploit. These updates guarantee that older devices obtain the required safeguards against potential threats.
#### Security Fixes for iOS 15.8.7 and iPadOS 15.8.7
1. **Kernel Vulnerability**
– **Devices Affected**: iPhone 6s, iPhone 7, iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), iPod touch (7th generation).
– **Impact**: Possibility of arbitrary code execution with kernel-level privileges.
– **Description**: A use-after-free vulnerability was remedied with enhanced memory management.
– **CVE**: CVE-2023-41974.
2. **WebKit Vulnerabilities**
– **Several issues addressed**:
– **Impact**: Malicious web content could result in arbitrary code execution or memory corruption.
– **Description**: Issues were fixed through improved memory handling and verification.
– **CVEs**: CVE-2024-23222, CVE-2023-43000, CVE-2023-43010.
#### Security Fixes for iOS 16.7.15 and iPadOS 16.7.15
1. **WebKit Vulnerability**
– **Devices Affected**: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro (9.7-inch and 12.9-inch 1st generation).
– **Impact**: Handling maliciously designed web content may result in memory corruption.
– **Description**: The issue was addressed with enhanced memory management.
– **CVE**: CVE-2023-43010.
### Significance of Updating
For users with older devices, it is essential to ensure that their systems are updated to shield against vulnerabilities like Coruna. Apple urges users to verify the availability of the latest updates to uphold device security.
For further detailed information regarding Apple’s security releases, users may visit the official Apple support page.