APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7
嗯,用户让我帮忙总结一下这篇文章的内容,控制在一百个字以内,而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。 首先,我需要仔细阅读这篇文章。看起来这是一份苹果的安全公告,发布日期是2026年3月11日。公告提到iOS 15.8.7和iPadOS 15.8.7版本修复了一些安全问题。 接下来,我注意到文章里提到了几个关键点:内核中的use-after-free漏洞、WebKit中的类型混淆问题和内存管理问题。这些漏洞可能导致任意代码执行或内存损坏,影响设备安全。 然后,文章还提到这些修复是针对较旧设备的,因为它们无法升级到最新的iOS版本。苹果通过安全更新将这些修复应用到旧设备上。 最后,用户需要的是一个简洁的总结,控制在100字以内。我应该涵盖主要的安全更新内容、修复的问题以及影响范围。 现在,我需要把这些信息浓缩成一段话,确保不超过字数限制,并且直接描述内容。 </think> 苹果发布iOS 15.8.7和iPadOS 15.8.7更新,修复内核和WebKit组件中的多个安全漏洞,包括use-after-free和类型混淆问题,防止恶意应用或网页导致代码执行或内存损坏。 2026-3-12 21:57:22 Author: seclists.org(查看原文) 阅读量:6 收藏
fulldisclosure logo

Full Disclosure mailing list archives

From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Wed, 11 Mar 2026 19:10:30 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7

iOS 15.8.7 and iPadOS 15.8.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126632.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch
(7th generation)
Impact: An app may be able to execute arbitrary code with kernel
privileges. This fix associated with the Coruna exploit was shipped in
iOS 17 on September 18, 2023. This update brings that fix to devices
that cannot update to the latest iOS version.
Description: A use-after-free issue was addressed with improved memory
management.
CVE-2023-41974: Félix Poulin-Bélanger

WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch
(7th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution. This fix associated with the Coruna exploit was shipped
in iOS 17.3 on January 22, 2024. This update brings that fix to devices
that cannot update to the latest iOS version.
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 267134
CVE-2024-23222

WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch
(7th generation)
Impact: Processing maliciously crafted web content may lead to memory
corruption. This fix associated with the Coruna exploit was shipped in
iOS 16.6 on July 24, 2023. This update brings that fix to devices that
cannot update to the latest iOS version.
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 255951
CVE-2023-43000: Apple

WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch
(7th generation)
Impact: Processing maliciously crafted web content may lead to memory
corruption. This fix associated with the Coruna exploit was shipped in
iOS 17.2 on December 11th, 2023. This update brings that fix to devices
that cannot update to the latest iOS version.
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 260913
CVE-2023-43010: Apple

This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/

iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 15.8.7 and iPadOS 15.8.7".

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEhjkl+zMLNwFiCT1o4Ifiq8DH7PUFAmmyENEACgkQ4Ifiq8DH
7PUQNw//ZgXEOg3VGIhzmsh/7SXOGSZhxoTKwWZGWNc+TlBUYPWqLyoGX2uXulna
WxJtKJJxcpYNesdEjBWAlPnJwJCd7Fe6+/NJekz1iH35U3KwhTvUWDBBo9gZUnId
OvBCZSwXAHiCJJ8uhUkCjhpZnx+u29SQyWPiYPwcrjMkI4H3oQ0eyrZ4sdQyUeA1
5ZdwFfVaDNKhpOYaoEXLbuYI4fPsnIiHs31djdzUTZKL5lnPUlKWJ4eVzJ7P/BSB
PgI7TUP9VNRzt5PJvVB1efWIEJtOWAB2splo2ASmNorBKdcjdBNUbRo6NE+vqwlZ
OjoguusrMS9wNu/iHJgnJzMit3ZToLauat3wuPxF7O8UNyfF1Ybvfg4auQGYo1Bj
PuHaOVtYSRhr0q+JF6htpoURjXp6nmEsmh4Wjs4q307RVqDuhwMGAJcwO/2Y30ow
H4nmEq3L4rCvu7Le2OgzsI311PU06vvbVfY6SznfG97pwsLeNZz6d91Z/aHxmAYm
iQqUZjaRyvs9jlD5Y526CFn3x5Sw1AgJX9WZdr4WcCwHE6JsxCu+J8DhG85RVlWJ
HXqd+sSloPmtagwrW9gPag4zA7wUwhJxa6wgLOC5V+P0DsZ81NwmUtppHaONM0qY
M4upJMdLHrXf/Sh8Csnevl5FX+dvwpn9vZodbYJyhsQ3L/PnwT8=
=x1N5
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Current thread:

  • APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7 Apple Product Security via Fulldisclosure (Mar 12)

文章来源: https://seclists.org/fulldisclosure/2026/Mar/2
如有侵权请联系:admin#unsafe.sh