John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Apple doesn’t panic. That’s kind of their thing.
So when millions of iPhones displayed a lock screen alert this week saying “Apple is aware of attacks targeting out-of-date iOS software, including the version on your iPhone” – that’s not a routine security notice. That’s Apple breaking the glass.
Two exploit kits, Coruna and DarkSword, are actively targeting iOS versions between 13.0 and 17.2.1. Years of devices. Millions of users. These kits weren’t built randomly – attackers specifically engineered them against the vulnerability surface of older iOS builds.
Patches exist: iOS 15.8.7 and iOS 16.7.15, released March 11. If you’re on iOS 15 or 16, update now.
Here’s the uncomfortable part. If you’re on iOS 13 or 14, you need to reach at least iOS 15 to get protection. And if you’re on an iPhone 6 or older, you can’t run iOS 15 at all. There’s no patch. No workaround. Apple’s alert is essentially telling you that you’re under attack and the only fix is a new phone. Not everyone can do that.
If you’re stuck on old hardware, keep Safari’s Safe Browsing enabled – it blocks known malicious domains and creates at least some friction for the delivery chain. High-value targets (journalists, lawyers, executives) should enable Lockdown Mode. As of now, Lockdown Mode has zero confirmed defeats by any commercial spyware including Coruna.
Apple pushed this to your lock screen because what they’re seeing in telemetry is serious. Take it that way.