March 11, 2026

Old phones, new chaos

Article URL →HN comments →

Apple releases iOS 15.8.7 to fix Coruna exploit for iPhone 6S from 2015

Ancient iPhones get a life-saving fix—fans cheer, cynics shout “hype tax”

TLDR: Apple released iOS 15.8.7 to patch the Coruna exploit on older iPhones and iPads, letting them stay safe without upgrading. Comments split between applause for long support, eye-rolls about “hype tax” pricing and forced upgrades, with jokes that “10 people” still use a 6S—security matters even for vintage tech.

Apple just dropped iOS 15.8.7 for the iPhone 6S era, and the comments instantly turned into a stadium. The update closes the Coruna exploit, a nasty hole that could let bad apps or sketchy websites take over. Apple had already fixed it on newer iPhones; this brings the repair to devices stuck on older software. Translation for non-nerds: your grandma’s trusty 2015 phone can keep scrolling without inviting hackers to the party.

But the crowd is split. One camp is clapping for the decade-long support, with jokes like “this helps the 10 people still on a 6S,” while still calling it a W for Apple. The skeptics are loud: “Am I supposed to be impressed?” sneers one commenter, arguing Apple’s long updates are the trade-off for high upfront prices. Another accuses Apple of a “rug-pull” by patching older systems while pushing new looks, even ranting about a “fugly 26”—version drama that left others blinking. A cooler head jumps in to clarify, “the phone is from 2015, not the exploit chain,” dropping a link for context. Meanwhile, thecybernerd wonders what active device threshold convinces Apple to patch a fossil. It’s security meets soap opera—and everyone brought popcorn.

Key Points

  • Apple released iOS 15.8.7 and iPadOS 15.8.7 on March 11, 2026, for legacy devices.
  • Updates backport fixes associated with the Coruna exploit from newer iOS versions.
  • Kernel vulnerability CVE-2023-41974 (use-after-free) enabling kernel-level code execution is fixed.
  • WebKit vulnerabilities CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010 are addressed, preventing code execution and memory corruption via malicious web content.
  • Supported devices include iPhone 6s/7, iPhone SE (1st gen), iPad Air 2, iPad mini (4th gen), and iPod touch (7th gen).

Hottest takes

“Am I supposed to be impressed by this?” — behnamoh
“This sort of spurious patching… is a form of gaslighting” — burnt-resistor
“This will really help the 10 people still using an iPhone 6S” — anshumankmr

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.