Apple Issues Urgent Spyware Warning For Millions Of iPhone Users
By 813 Staff
Apple released a critical patch for a set of vulnerabilities known as Coruna, and security researchers then confirmed the flaws were being actively exploited in the wild. Now the company has released a highly unusual set of security updates for older iPhone and iPad models that had been officially left behind. The move, detailed in a report by BleepingComputer (@BleepinComputer), extends crucial protections to devices like the iPhone 6s, iPhone 7, the original iPhone SE, and multiple older iPad generations, all of which stopped receiving regular iOS updates years ago. This isn't a new feature rollout; it's a direct response to a clear and present threat, indicating the severity of the Coruna exploit chain.
Internal documents show the decision to patch these legacy devices was made at the highest levels of Apple’s security engineering teams, a process typically reserved for only the most severe threats. The Coruna vulnerabilities, which reside in the kernel and WebKit browser engine, allow for arbitrary code execution. Engineers close to the project say the exploit chain was sophisticated enough to compromise a device simply by having a user visit a malicious website, a classic and dangerous attack vector. The fact that active exploitation was occurring forced Apple’s hand to break its standard software support lifecycle, a rare but not unprecedented action that underscores the operational risk these flaws posed even to older hardware still in circulation.
For the tech industry, this move is a significant signal about the evolving threat landscape and corporate responsibility. Millions of these older devices remain in daily use globally, often as hand-me-downs for children or as dedicated appliances in businesses and homes. By leaving them vulnerable, Apple would have effectively created a vast, exploitable ecosystem. This targeted security update, while welcome, also highlights the precarious position of users who hold onto hardware beyond its mainstream support window; they are entirely dependent on the company’s discretion during a crisis. The rollout has been anything but smooth for some users, with forum reports indicating confusion over how to install the standalone updates outside the normal Software Update mechanism.
What happens next sets an interesting precedent. Security teams will be dissecting whether this reactive model for legacy products is sustainable or if it pressures Apple to consider longer, formalized security-only update programs for aging devices. For now, the immediate uncertainty is over. Owners of the listed older models can and should manually apply the patch via Settings. The broader consequence is clear: in an era of sophisticated mercenary spyware and state-level threats, even your retired iPad in the drawer can become a liability, and the bar for what constitutes a crisis requiring extraordinary action has been visibly lowered.
Source: https://x.com/BleepinComputer/status/2032090238470799843

