Quick Brief
- iOS 16.7.15 (build 20H380) patches CVE-2023-43010, a WebKit memory corruption flaw tied to the Coruna exploit kit
- Google Threat Intelligence Group discovered the Coruna exploit kit, which chains together 23 vulnerabilities to attack devices
- Supported devices include iPhone 8, iPhone 8 Plus, iPhone X, and three older iPad models
- The update released March 11, 2026 and is available via Settings > General > Software Update
Apple pushed iOS 16.7.15 and iPadOS 16.7.15 on March 11, 2026 for devices that cannot run iOS 17 or later. This is not a routine update. It closes a real, actively exploited vulnerability that security researchers confirmed threat actors are using in the wild to steal data from compromised phones.
What the Coruna Exploit Kit Does to Your Device
Coruna is a malicious framework discovered by Google Threat Intelligence Group that chains together 23 different vulnerabilities to attack target devices. Security researchers confirmed threat actors are actively using Coruna to steal data from phones that remain unpatched.
The specific flaw addressed in iOS 16.7.15 is CVE-2023-43010, a WebKit vulnerability where processing maliciously crafted web content can lead to memory corruption. Apple resolved this with improved memory handling. The fix was originally shipped in iOS 17.2 on December 11, 2023, and this update backports it to devices locked to iOS 16.
Because WebKit powers Safari and every in-app browser on iOS, a malicious webpage alone is enough to trigger this exploit without any additional action from the user.
Which Devices Can Install iOS 16.7.15
Apple scoped this update to legacy hardware that tops out at iOS 16.
Eligible iPhones:
- iPhone X
- iPhone 8
- iPhone 8 Plus
Eligible iPads:
- iPad (5th generation)
- iPad Pro 9.7-inch
- iPad Pro 12.9-inch (1st generation)
For even older hardware, Apple simultaneously released iOS 15.8.7 and iPadOS 15.8.7. That update covers iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation), addressing three separate Coruna-related CVEs in Kernel and WebKit.
Why This Backport Took Nearly Three Years
Apple originally patched the Coruna-related flaws in the iOS 17 branch between late 2023 and early 2024. Devices capped at iOS 16 went without those protections for almost three years until Google Threat Intelligence Group’s public discovery of active exploitation forced a response.
This pattern is important to understand. Older devices do not receive real-time security parity with the current iOS branch. A vulnerability patched in a flagship iOS release can remain open on legacy hardware for years until exploitation becomes widespread enough to trigger a backport. For users still daily-driving an iPhone 8 or iPhone X, this gap represents a structural risk that no software update can permanently solve.
Considerations
iPhone 8, iPhone 8 Plus, and iPhone X cannot run iOS 17 or iOS 18 and will not receive future feature updates. The iOS 16.7.x track is a security-maintenance branch only. Users on these devices should assess their long-term hardware plans, as app compatibility and modern security architecture will continue to diverge from current iOS versions.
How to Install iOS 16.7.15 Right Now
The process is straightforward and completes in under 15 minutes on a stable Wi-Fi connection.
- Open the Settings app on your iPhone or iPad
- Tap General, then select Software Update
- Tap Download and Install when iOS 16.7.15 appears
- Enter your passcode if prompted and wait for the restart
- Confirm the update in Settings > General > About under Software Version
Devices with automatic updates enabled will receive iOS 16.7.15 over the coming days. Given that active exploitation of Coruna is confirmed, manual installation is the faster and safer choice.
iOS 16.7.15 vs iOS 15.8.7: What Each Update Fixes
| Detail | iOS 16.7.15 | iOS 15.8.7 |
|---|---|---|
| Release Date | March 11, 2026 | March 11, 2026 |
| CVEs Fixed | 1 (CVE-2023-43010) | 3 (CVE-2023-41974, CVE-2024-23222, CVE-2023-43000) |
| Component | WebKit | Kernel + WebKit (x2) |
| Original Fix Shipped | iOS 17.2, Dec 11, 2023 | iOS 17 (Sep 2023) and iOS 17.3 (Jan 2024) |
| Eligible Devices | iPhone 8, 8 Plus, X; select iPad Pro/iPad 5th gen | iPhone 6s, 7, SE 1st gen; iPad Air 2, iPad mini 4, iPod touch 7th gen |
Frequently Asked Questions (FAQs)
What is the build number for iOS 16.7.15?
The official build number for iOS 16.7.15 is 20H380. This identifier appears in Settings > General > About under Software Version and confirms the update installed correctly on your device.
What is the Coruna exploit kit?
Coruna is a malicious exploit framework discovered by Google Threat Intelligence Group. It chains together 23 separate vulnerabilities to attack iOS devices. Security researchers confirmed that threat actors are actively using Coruna to steal data from compromised phones.
Which CVE does iOS 16.7.15 fix?
iOS 16.7.15 addresses CVE-2023-43010, a WebKit vulnerability where processing maliciously crafted web content leads to memory corruption. Apple credited itself as the reporter of this CVE. The fix was originally shipped in iOS 17.2 on December 11, 2023.
Is iOS 16.7.15 available for iPhone 7?
No. iPhone 7 and iPhone 7 Plus receive iOS 15.8.7 instead, which covers three separate Coruna-related CVEs across Kernel and WebKit. Apple split the updates by OS branch based on each device’s maximum supported iOS version.
Should I install iOS 16.7.15 if my iPhone works fine?
Yes. The Coruna exploit activates silently through web content and requires no user action beyond loading a compromised page. A device that appears to function normally remains fully vulnerable until the patch is applied.
What does iOS 15.8.7 fix compared to iOS 16.7.15?
iOS 15.8.7 patches three CVEs tied to Coruna: a Kernel flaw (CVE-2023-41974) and two WebKit vulnerabilities (CVE-2024-23222 and CVE-2023-43000). iOS 16.7.15 patches one WebKit CVE (CVE-2023-43010). The different fixes reflect which specific Coruna components affect each device generation.
What happens if I do not install this update?
Your device stays exposed to the Coruna exploit kit. Confirmed active exploitation means attackers can target unpatched devices through ordinary web browsing. Apple has no known workaround other than installing the update.
Is this the last iOS update for iPhone 8 and iPhone X?
Apple has not announced a final update date. The iOS 16.7.x track is a security-maintenance branch only. No new features will arrive on these devices, and any future updates will follow the same security-patch-only format.
