‘Update iOS to Protect Your Data’ – Apple Urges Users to Patch Against Coruna and DarkSword Exploits

Apple is asking iPhone users to prioritize the latest security updates amid a wave of hacker attacks exploiting weaknesses in ‘out-of-date’ versions of iOS.

Key takeaways:

• Apple warns of ongoing web-based attacks targeting outdated iOS versions

• Two exploit campaigns — Coruna and DarkSword — are being actively used to steal user’s data

• Attacks can be triggered by clicking malicious links or visiting compromised websites

• The company has released patches for iOS 15 and iOS 16 to protect older devices.

• Users on older or unpatched versions are at risk (iOS 13 or 14 must upgrade to iOS 15)

• Apple will push a Critical Security Update alert soon.

“If your iPhone doesn’t have the latest software, update iOS to protect your data,” reads the particularly direct opening of a support document published by the tech titan yesterday.

"Security researchers recently identified web-based attacks that target out-of-date versions of iOS through malicious web content,” it continues.

The company refers to two major threats reported in recent weeks, dubbed Coruna and DarkSword.

“For example, if you’re using an older version of iOS and were to click a malicious link or visit a compromised website, the data on your iPhone might be at risk of being stolen,” the notice warns.

Who is already protected and who needs to take steps?

Apple says it “thoroughly investigated these issues” and rolled out software updates to stop attackers in their tracks. According to the support doc:

• Devices with the latest, updated versions of iOS 15 through iOS 26 are already protected.
• If you have not updated your software recently, update iOS on your iPhone! Apple released software updates for iOS 15 and iOS 16 last week, “to extend protection to older devices that cannot update to the latest version of iOS.”
• Devices with iOS 13 or iOS 14 must update to iOS 15 to receive these protections.
• Users will receive an additional alert to install a Critical Security Update “in the next few days,” according to the memo.
• Apple Safe Browsing in Safari is on by default and blocks the malicious URL domains identified in these attacks.

For people who can’t update their device for whatever reason, Apple recommends enabling Lockdown Mode “to protect against malicious web content and other threats.”

How to update your old iOS

Apple has a support page dedicated entirely to updating iOS – from iOS 12 to iOS 26. The steps differ slightly depending on the version, which is why Apple offers a drop-down version selector to display the steps for each iOS version.

If you didn’t turn on automatic updates when you first set up your iPhone, now is probably a good idea to do it.

On iOS 13

• Go to Settings  > General > Software Update.
• Tap Customize Automatic Updates (or Automatic Updates).
• With iOS 13.6 or later, you can choose to automatically download and/or install updates.
• When an update is available, your iPhone downloads and installs the update overnight while charging and connected to Wi-Fi. You’re notified before an update is installed. You can also choose to update manually, on the spot, whenever you’re ready.

The same steps apply for iOS 14.

On iOS 15

• Go to Settings  > General > Software Update > Automatic Updates.
• Turn on Download iOS Updates and Install iOS Updates.
• Again, when an update is available, your device downloads and installs it overnight while charging and connected to Wi-Fi, and you’re notified before an update is installed. You can also choose to update manually, on the spot, whenever you’re ready.

Take ‘exploitable’ security issues seriously!

Exploit kits like Coruna and DarkSword have historically been used in spyware attacks on the devices of activists, dissidents, political rivals, human rights advocates, investigative journalists and high-profile figures in general. Big-Tech players have been fighting spyware for years.

As we regularly warn, even if you’re not a high-risk person, it’s a good idea to stay up to date with the latest security patches – you never know when you trip a wire and become a target.

As Apple’s own support doc notes:

If you have kept your iPhone software up to date, then you are already protected. Keeping your software up to date is the single most important thing you can do to maintain the security of your Apple products, and devices with updated software were not at risk from these reported attacks.

For peace of mind, run an independent security solution on all your personal devices. Keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might target you.

You may also want to read:

Apple Patches Older iPhones Against ‘Coruna’ Hacks Used in Espionage and Crypto Theft

Apple Debuts ‘Background Security Improvements’ with Urgent WebKit Fix for iPhone and Mac – Here’s How to Enable It

Patch Your Chrome Browser! Google Fixes Two Nasty Security Flaws Amid Release Notes Mix-Up