Apple has rolled out security updates for older iPhone, iPad, and Mac devices to address three actively exploited vulnerabilities. The patches aim to protect users of legacy devices from potential cyber attacks.
The security fixes target three specific vulnerabilities that malicious actors have already exploited in the wild. These include a privilege elevation bug in Core Media, an authorization flaw affecting USB Restricted Mode, and a WebKit sandbox escape vulnerability.
The updates cover a wide range of older Apple devices, including the iPhone 6s, iPhone 7, first-generation iPhone SE, iPad Air 2, and various iPad Pro models. On the Mac side, the patches are available for systems running macOS Sonoma 14.7.5 and Ventura 13.7.5.
For iPhone and iPad users, the patches are being delivered through iOS/iPadOS versions 15.8.4, 16.7.11, and 17.7.6, depending on device compatibility. Each update addresses specific security concerns:
- The Core Media bug fix prevents malicious apps from gaining elevated system privileges
- The Accessibility patch blocks attackers from bypassing USB Restricted Mode on locked devices
- The WebKit update stops potential sandbox escape attempts through malicious web content
This security update rollout follows Apple's recent major patch release that fixed dozens of vulnerabilities across iOS 18.4, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, and Safari 18.4.
While Apple typically focuses security updates on current devices, this backporting of patches demonstrates the company's commitment to protecting users who continue to rely on older hardware. Users of affected devices are advised to install these updates promptly to maintain their security posture.