Got an Older iPhone? iOS 16.7.8 Addresses an Important Security Bug

Apple has released security updates for old-gen iDevices stuck on iOS 16 to address a serious flaw said to have been exploited by hackers.

The RTKit vulnerability, addressed earlier this year on newer devices, is exploitable to the extent it can grant “arbitrary kernel read and write capability […] to bypass kernel memory protections.”

“Apple is aware of a report that this issue may have been exploited,” reads the advisory accompanying the release of iOS 16.7.8 and iPadOS 16.7.8.

Tracked as CVE-2024-23296, the bug was addressed in March with the release of iOS 17.4, iPadOS 17.4. The issue is serious enough to warrant backporting for customers with older models capped at iOS 16, including the iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.

The Cupertino tech giant is also patching macOS Ventura against the flaw, offering up version 13.6.7, which includes the same fix, alongside two lesser security fixes.

Most such security lapses patched diligently by Apple – especially on old-gen devices – have been typically used by spyware operators in targeted attacks on high-profile figures like politicians, dissidents, activists, free-speech advocates and journalists.

Apple this week also rolled out iOS 17.5 and iPadOS 17.5, the latest point-update to its mobile OS, which covers dozens more security fixes, including an all-important feature dubbed Detecting Unwanted Location Trackers (DULT) that notifies users if someone is using a Bluetooth tracking device to stalk them.

Both Apple and Google are offering the new feature in a cross-platform effort to boost security and privacy across the iOS and Android ecosystems worldwide.

Bitdefender strongly recommends deploying the latest security updates from your device vendor as soon as you get a chance. Keeping your devices updated ensures you have the latest security patches applied, greatly reducing hackers’ attack surface. For peace of mind, consider using a dedicated security solution on all your personal devices.