Emily Long Freelance Writer
Experience
Emily Long is a freelance writer based in Salt Lake City.
After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of Atlantic Media Company, in Washington, D.C. She has nearly a decade of experience as a freelancer covering tech (including issues related to security, privacy, and streaming) as well as personal finance and travel.
In addition to Lifehacker, her work has been featured on Wirecutter, Tom’s Guide, and ZDNET. Emily has also worked as a travel guide around the U.S. and as a content editor. She has a masters in social work and is a licensed therapist in Utah.
Add as a preferred source on Google
Credit: Vasin Lee / Shutterstock
Key Takeaways
- Apple has just released a patch to older devices for bugs that have already been addressed in updates to newer models.
- The bugs are part of the Coruna exploit kit, a spyware and surveillance package with 23 total exploits that targeted iOS releases from 13.0 to 17.2.1.
- If you have an older iPhone or iPad that doesn’t support the latest OS, you may need to update it ASAP.
Table of Contents
If you have an older Apple device that doesn’t support the most current operating system, you may not receive every security update pushed to the latest iOS—or at least not at the same time. Apple has just released a patch for older devices that addresses a handful of bugs that have already been addressed in updates to newer models. Many of these have been exploited in zero-day attacks, so if you have one of the affected devices, you should ensure these updates are installed as soon as possible.
Zero-day exploits fixed with the update to older iPhones and iPads
As BleepingComputer reports, the March 11 security update addresses vulnerabilities used in cyber-espionage and crypto-theft attacks. The bugs are part of the Coruna exploit kit, a spyware and surveillance package with 23 total exploits that targeted iOS releases from 13.0 to 17.2.1. Google Threat Intelligence Group researchers have observed its deployment by state-backed Russian hackers, surveillance vendors, and a Chinese threat actor.
The vulnerabilities Apple is patching would allow attackers to escalate permissions to Kernel privileges or gain remote code execution capabilities on affected devices. The bugs include CVE-2023-43010, CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010, all of which affect WebKit, and CVE-2023-41974, a Kernel vulnerability.
The update applies to older models running iOS 15.8.7/16.7.15 and iPadOS 15.8.7/16.7.15:
The Download Newsletter Never miss a tech story
Get the latest tech news, reviews, and advice from Jake and the team.
The Download NewsletterNever miss a tech story. Get the latest tech news, reviews, and advice from Jake and the team.
Lifehacker has been a go-to source of tech help and life advice since 2005. Our mission is to offer reliable tech help and credible, practical, science-based life advice to help you live better.
© 2001-2026 Ziff Davis, LLC., A ZIFF DAVIS COMPANY. ALL RIGHTS RESERVED.
Lifehacker is a federally registered trademark of Ziff Davis and may not be used by third parties without explicit permission. The display of third-party trademarks and trade names on this site does not necessarily indicate any affiliation or the endorsement of Lifehacker. If you click an affiliate link and buy a product or service, we may be paid a fee by that merchant.