Update to iOS 15 now if you're still running old software

iPhone isn't safe on old iOS anymore, update to at least iOS 15 now

Apple advises iPhone users about iOS 15 update

All iPhone users running iOS 13 or iOS 14 need to update now. Apple has confirmed routine browsing can trigger attacks on outdated iOS versions.

Apple revealed on March 19 that malicious web content can exploit older iOS versions and expose personal data through compromised sites or unsafe links. Apple released security updates on March 11 for both newer and older devices, including iOS 15.8.7 and iOS 16.7.15.

Users on iOS 13 or iOS 14 should upgrade to iOS 15 to receive those protections. Updating iOS closes those gaps and protects against these web-based attacks.

The attacks rely on malicious web content instead of rogue apps or unusual behavior. Visiting a compromised website or clicking a crafted link could trigger WebKit vulnerabilities in Safari.

Apple's latest security advisory comes after two malware campaigns that targeted iPhone users. Coruna is one example of a full iPhone exploit kit that uses web-based attacks to compromise devices.

Newer exploits like DarkSword use similar methods and often share infrastructure across different campaigns. While this latest vulnerability isn't related, it does fall under the same web-based attack umbrella.

How to stay safe from iPhone web attacks

You should update your iPhone to the latest version of iOS that you can, right away. Older devices need to install iOS 15 or later if they can, since that's the minimum version getting current protections. Devices that don't support iOS 15 should no longer be used as browsing devices.

You should enable automatic updates in Settings so security patches install as soon as Apple releases them. Don't postpone updates, even minor ones, since they often include fixes for actively exploited vulnerabilities.

You can use Safari's built-in protections like Safe Browsing to block known malicious domains. However, be careful with unfamiliar links, especially those you get through email, text messages, or social media.

If you're at elevated risk, like journalists or public figures, consider enabling Lockdown Mode. Apple says it can block certain web-based attacks, but it still recommends updating as your main defense.

Comments

cmason · 47 comments · 18 Years About 1 month ago

Given this importance, I hope Apple will start releasing iOS 18 updates for users not ready to upgrade to 26. IOS 18.7.1 and 18.7.2 were available for anyone not willing to upgrade. And 18.7.3 was available on the beta track.

If Apple is serious about security for iOS versions going back to iOS 15, which is commendable, let all users on iOS 18 upgrade to the latest security fix, without upgrading to iOS 26. On the Mac this isn't a problem. Users on Sequoia or even Sonoma get all the security updates. And even older Mac OS releases sometimes get security fixes. Mac OS Catalina (from 2019) recently got a security update.

There's no reason iOS users *one* release behind shouldn't get security updates. I don't expect updates going back much further than that, but given the recent updates to very old versions of iOS, this seems like a glaring hole in their commitment.

Also, there are some people who don't follow technology who are still on iOS 17, or even 16, who *can* upgrade to a newer OS, but don't want iOS 26 yet. They no longer even have the option to upgrade to iOS 18. They are hearing from the media and friends and family that they should upgrade for security, but they aren't being given any option to do so without upgrading to iOS 26.

By not providing these users an option to upgrade to the most recent and secure release of iOS 18, Apple is harming the security and privacy of these users. I hope Apple will relent.

In case I haven't made my point yet, if you have an iPhone XR, released 8 years ago, you can have the latest security update without compromise, but if you have an iPhone 15, or even an iPhone SE, you cannot get the same security without updating to iOS 26.

Penzi · 148 comments · 8 Years About 1 month ago

Yeah, dick move Apple. Particularly since I’m a holdout. I have iPadOS 26.3 (“upgraded” on 26.2) and although they made some notable improvements there are not nearly enough of them nor are they good enough. I continue to hold out with all other Apple devices that I own.

If you force this on me, which this particular issue is likely to do, I will be even less likely to update my iOS based devices. And that will impact odd devices because Apple is tarnished (no, not that kind) and thus I won’t be upgrading my Watch Ultra this autumn nor my AppleTV until the present device no longer receives any updates. I was kinda tempted by the iPhone Air but not with this behaviour.

raymondai · 89 comments · 11 Years About 1 month ago

I am not sure at all, but for reference, the oldest iPhone which run iOS 15 should be the 6s, I can’t quite remember the SE series, the first SE still look like 5s chassis, I doubt about it, I used to memorize iPhone by their look, in the old day.

Share Your Thoughts on our Forums ->

News

iPhone isn't safe on old iOS anymore, update to at least iOS 15 now

How to stay safe from iPhone web attacks

Inside Apple Maps - How to get the most out of your iPhone's navigation app

Acasis 40Gbps Mac mini M4 Dock review: All the ports you could want for your M4 Mac mini

Flash deal: Grab Apple's M4 MacBook Air for just $829

Apple TV Head Of International Development jumping ship to start his own production company

Despite risks, Apple seeks ways to bring more AI to the App Store

EU's artificial intelligence requirements are profoundly risky, says Apple

M5 Max 16-inch MacBook Pro vs Samsung Galaxy Book6 Ultra: Compared

RCS & encryption haven't fixed the green bubble problem

Follow us on Social Media

How to stay safe from iPhone web attacks