Look, I’ll keep this simple. If you’re still using an older iPhone or iPad that can’t run the latest iOS, there’s a security update sitting out there with your name on it — and given what it fixes, you really don’t want to skip it.
Apple just pushed a critical patch specifically for older devices running iOS 15.8.7 and iOS 16.7.15 (and their iPad equivalents), and several of the vulnerabilities it addresses have already been actively exploited in real-world attacks. We’re not talking about theoretical risks here. These bugs have been used by state-sponsored hackers and surveillance operators against actual people. That’s about as serious as it gets.
Why This Update Is Different From a Routine Patch
Apple regularly releases security updates for its newer devices, and older models sometimes get those fixes later — or occasionally miss them altogether. This particular release, however, is specifically designed to bring critical security repairs to older hardware that can’t run the most current operating system.
What makes this one stand out is the nature of the vulnerabilities being patched. Several of them are zero-day exploits — meaning attackers discovered and actively used these security holes before Apple had a chance to fix them. By the time a zero-day patch lands, there’s a good chance someone has already been targeted using that exact vulnerability.
These aren’t bugs sitting quietly in a lab somewhere. They’ve been deployed in the wild.
The Corinna Exploit Kit — What It Is and Who’s Behind It
The vulnerabilities addressed in this March 2026 patch are connected to something researchers have identified as the Corinna exploit kit — a sophisticated spyware and surveillance package containing 23 individual exploits that targeted iOS versions ranging from 13.0 all the way through 17.2.1.
Researchers at Google’s Threat Intelligence Group have been tracking this kit and have observed its use by some genuinely alarming actors:
- State-backed Russian hacking groups
- Commercial surveillance vendors selling spyware to government clients
- A Chinese state-affiliated threat actor
This isn’t random cybercrime. This is coordinated, targeted digital espionage — the kind of operation that typically goes after journalists, activists, government officials, and high-value individuals. If your older Apple device is unpatched, it carries vulnerabilities that these groups have already demonstrated they know how to exploit.
What These Vulnerabilities Actually Do
Understanding what these bugs enable helps explain why this update is being treated with urgency.
WebKit Vulnerabilities
Four of the patched bugs — CVE-2023-43010, CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010 — affect WebKit, the engine that powers Safari and all web-based content on iOS. Exploiting these could allow an attacker to achieve remote code execution on your device — meaning they could potentially run malicious code just by getting you to visit a compromised webpage or open a malicious link.
Kernel-Level Vulnerability
The fifth bug, CVE-2023-41974, sits at the Kernel level — the deepest layer of the operating system. A successful exploit here allows an attacker to escalate their privileges all the way to Kernel access, which is essentially full control over the device. Combined with a WebKit exploit, an attacker could theoretically chain these vulnerabilities together to take over a device remotely and completely.
Full List of Affected Devices — Check If Yours Is Here
This security update covers devices running iOS 15.8.7, iOS 16.7.15, iPadOS 15.8.7, and iPadOS 16.7.15. If your device is on this list and you haven’t installed the update yet, do it today:
iPhones:
- iPhone 6s
- iPhone 7
- iPhone SE (1st generation)
- iPhone 8
- iPhone 8 Plus
- iPhone X
iPads:
- iPad Air 2
- iPad Mini (4th generation)
- iPad (5th generation)
- iPad Pro 9.7-inch
- iPad Pro 12.9-inch (1st generation)
iPod:
- iPod Touch (7th generation)
If you’re running any of these devices and haven’t updated yet, your phone is currently sitting with known, actively exploited security holes in it. That’s not a comfortable place to be.
How to Install the Update Right Now
Getting this patch installed takes about five minutes. Here’s how:
- Open Settings on your iPhone, iPad, or iPod Touch
- Tap General
- Tap Software Update
- If the update is available, tap Download and Install
- Keep your device plugged in and connected to Wi-Fi during the process
If you don’t see an available update, your device may already be up to date — but double-check the version number against the patched versions listed above to be sure.
Apple Also Patched a Separate Zero-Day Earlier in 2026
It’s worth mentioning that this isn’t the first serious security patch Apple has pushed this year. Back in February 2026, Apple addressed another zero-day vulnerability affecting iOS 26, iPadOS 26, and macOS Tahoe — its newer operating systems.
Apple’s own language around that patch was striking. The company stated the vulnerability may have been exploited in what it described as an “extremely sophisticated attack against specific targeted individuals.” That’s Apple’s way of saying this wasn’t a casual, opportunistic hack — it was a precision strike against specific people.
Taken together, these two patches in early 2026 paint a clear picture: the threat environment for Apple devices is serious right now, and staying current with updates — even on older hardware — is genuinely important.
Why Older Devices Are Particularly at Risk
There’s a common assumption that if your phone is working fine, you don’t need to worry too much about updates. That thinking gets more dangerous with every passing month on an older device.
Older iPhones and iPads can’t run the latest iOS versions, which means they miss out on the most current security architecture improvements built into Apple’s newer software. They rely on Apple continuing to backport critical patches — which Apple does make an effort to do, but the coverage isn’t always identical to what newer devices receive.
The result is a device that may be months behind on certain security fixes, running software with known vulnerabilities, and potentially targeted by attackers who specifically scan for unpatched older hardware.
It doesn’t mean you need to rush out and buy a new phone. But it does mean you need to install every available update as soon as it drops on your older device.
- → GST Housing Rebate 2026: Why Builders Say It Won’t Fully Revive Canada’s Condo Market
- → Canada Minimum Wage Increase 2026: Federal Rate Rises to $18.15 per Hour
- → Canada Relationship Finance Survey 2026: How Economic Pressures Are Shaping Modern Relationships
- → CRA Grocery Benefit and GST/HST Credit Boost in 2026: Eligibility, Payments, and What Families Should Know
- → CRA Filing System Changes in 2026: End of Tax Drop Boxes Across Canada
- → Working While on CPP in 2026: How Your Job Can Increase or Reduce Your Pension
- → CRA $2,200 Senior Bonus (March 2026): Eligibility, Payment Date & Latest Updates
Conclusion
Apple’s March 2026 security patch for older iPhones and iPads is not something you should put off until the weekend or add to your mental to-do list. The vulnerabilities it fixes — particularly the Corinna exploit kit connections and the WebKit and Kernel-level bugs — have already been used in real attacks by sophisticated, well-resourced threat actors.
If your device is on the affected list, the update is available right now through your Settings app. It takes a few minutes and could save you from a genuinely serious security compromise. The threat here isn’t hypothetical, it’s documented. Install the patch, stay updated, and if your older device is approaching the end of its supported software lifecycle, it’s worth starting to think about what comes next.
Frequently Asked Questions (FAQs)
Q: Which Apple devices need this urgent security update in 2026? The patch applies to iPhone 6s, iPhone 7, iPhone SE (1st gen), iPhone 8, iPhone 8 Plus, iPhone X, iPad Air 2, iPad Mini 4th gen, iPad 5th gen, iPad Pro 9.7-inch, iPad Pro 12.9-inch 1st gen, and iPod Touch 7th gen — all running iOS/iPadOS 15.8.7 or 16.7.15.
Q: What is the Corinna exploit kit? It’s a spyware and surveillance toolkit containing 23 individual exploits targeting iOS versions 13.0 through 17.2.1. Google’s Threat Intelligence Group has linked its use to Russian state-backed hackers, commercial surveillance vendors, and a Chinese threat actor.
Q: What can these vulnerabilities actually do to my device? The WebKit bugs can enable remote code execution — an attacker could potentially run malicious code on your device through a webpage or link. The Kernel vulnerability allows full privilege escalation, giving an attacker deep system-level control.
Q: How do I install the update? Go to Settings → General → Software Update on your device. If the update is available, download and install it while connected to Wi-Fi and a power source.
Q: Is this the only major Apple security patch in 2026? No. Apple also patched a separate zero-day in February 2026 affecting iOS 26, iPadOS 26, and macOS Tahoe, which the company said may have been used in highly sophisticated targeted attacks.
Q: Should I upgrade to a newer iPhone instead? If your device is no longer receiving iOS major version updates, upgrading is worth considering for long-term security. In the meantime, install every available patch to keep your current device as protected as possible.
