Apple's colorful mainstream flagship, starting at $749.
Apple Releases iOS 9.3.5 With Fix for Three Critical Vulnerabilities Exploited by Hacking Group
Apple today released an iOS 9.3.5 update for the iOS 9 operating system, almost a month after releasing iOS 9.3.4 and a few weeks before we expect to see the public release of iOS 10, currently in beta testing.
iOS 9.3.5 is available immediately to all devices running iOS 9 via an over-the-air update.
iOS 9.3.5 is likely to be the last update to the iOS 9 operating system, introducing final bug fixes, security improvements, and performance optimizations before iOS 9 is retired in favor of iOS 10. iOS 9.3.4, the update prior to iOS 9.3.5, included a critical security fix patching the Pangu iOS 9.3.3 jailbreak exploit. iOS 9.3.5 features major security fixes for three zero-day exploits and should be downloaded by all iOS users right away.
According to The New York Times the three security vulnerabilities patched in the update were exploited by surveillance software created by NSO Group to jailbreak an iPhone and intercept communications.
In an overview of the exploits, security firm Lookout says NSO Group's spyware software, nicknamed "Pegasus," was highly sophisticated, installing itself through a link sent via a text message.
The exploit was initially discovered on August 11 after human rights defender Ahmed Mansoor received a suspicious link and sent it to Citizen Lab and Lookout. Had Mansoor clicked the link, it would have jailbroken his iPhone and installed "sophisticated malware" able to intercept phone calls, text messages, FaceTime calls, email, and more.
Pegasus is the most advanced attack Lookout has seen because it is customizable, can track a range of things, and uses strong encryption to avoid detection. Lookout believes "Pegasus" had been in the wild for quite some time before it was discovered, with some evidence dating back to iOS 7.
Citizen Lab and Lookout informed Apple of the vulnerabilities and the company worked quickly to implement a fix, patching the exploits in just 10 days.
iOS 9.3.5 is available immediately to all devices running iOS 9 via an over-the-air update.
iOS 9.3.5 is likely to be the last update to the iOS 9 operating system, introducing final bug fixes, security improvements, and performance optimizations before iOS 9 is retired in favor of iOS 10. iOS 9.3.4, the update prior to iOS 9.3.5, included a critical security fix patching the Pangu iOS 9.3.3 jailbreak exploit. iOS 9.3.5 features major security fixes for three zero-day exploits and should be downloaded by all iOS users right away.
According to The New York Times the three security vulnerabilities patched in the update were exploited by surveillance software created by NSO Group to jailbreak an iPhone and intercept communications.
In an overview of the exploits, security firm Lookout says NSO Group's spyware software, nicknamed "Pegasus," was highly sophisticated, installing itself through a link sent via a text message.
The exploit was initially discovered on August 11 after human rights defender Ahmed Mansoor received a suspicious link and sent it to Citizen Lab and Lookout. Had Mansoor clicked the link, it would have jailbroken his iPhone and installed "sophisticated malware" able to intercept phone calls, text messages, FaceTime calls, email, and more.
Pegasus is the most advanced attack Lookout has seen because it is customizable, can track a range of things, and uses strong encryption to avoid detection. Lookout believes "Pegasus" had been in the wild for quite some time before it was discovered, with some evidence dating back to iOS 7.
Citizen Lab and Lookout informed Apple of the vulnerabilities and the company worked quickly to implement a fix, patching the exploits in just 10 days.
[ 423 comments ]
Top Rated Comments
(View all)
27 months ago
Is it odd that Apple would release so many updates to iOS over a year? We're at iOS 9.3.5 now.
Think back to iOS 7, we got to 7.1.2.
I like the new Apple that doesn't just sit and hope. I like it that they seem to be pushing forward with more fixes.
27 months ago
Hmmm. Really? "pushing forward with more fixes"? What about push forward with a release that doesn't require fixes when released. Isn't this like "a ship with a hole in the bottom, leaking water, and [the] job is to get the ship pointed in the right direction"?
Going to throw this out there. Since it is obviously so simple of a task in the minds of many here at Macrumors, why don't you all band together and DO IT YOURSELF? What a novel concept, right? Since it obviously requires just rolling up the sleeves and digging in it should be doable by anyone!
Seriously, you can put up or shut up as far as I am concerned. Reducing the an extremely complex issue to "they should just do it!!!!" is asinine.
27 months ago
Not surprising, they are leaving iOS 9 as secured as possible for devices not making it into iOS 10.
27 months ago
What I'm saying is, maybe the releases are too premature before being made publicly available.
What I am saying is, you have no clue how anything in software development works if you expect a perfect world like you seem to imagine.
27 months ago
that ain't my job buddy - but I did pay Apple $1,400 for an iPP and $800 for an iPhone to supposedly avoid this.
If you paid Apple to avoid updates, you screwed up. Go get a Lenovo Android phone. You won't have to worry about OS updates on that device.
27 months ago
I wonder if I can get these patches while jailbroken on 9.3.3.
Why do even bother. The fact that your device is jailbroken is already main security problem.
27 months ago
Hmmm. Really? "pushing forward with more fixes"? What about push forward with a release that doesn't require fixes when released. Isn't this like "a ship with a hole in the bottom, leaking water, and [the] job is to get the ship pointed in the right direction"?
There's the imaginary world, and then there's reality. Whether we like it or not we all live in the latter (with essentially all that comes with it and applies to it).
27 months ago
If I wanted weekly operating system updates I would've gone back to Windows. At least Windows updates aren't 1GB in size. 9.3.4 for my iPad 12.9 Pro was over 1GB in download.
You really should move to Android. It sounds like iOS, with its regular updates for improved performance and security, is not for you.
27 months ago
I like the new Apple that doesn't just sit and hope. I like it that they seem to be pushing forward with more fixes.
What's remarkable and sad is that some still view this as a negative and an opportunity to criticize Apple. Not a shocker I suppose.
27 months ago
What I'm saying is, maybe the releases are too premature before being made publicly available.
Fixing security issues that are quite complex and might only be found at some point down the line through some extensive "hacking" or other methods by various individuals or teams in that field doesn't really mean things are prematurely available.[ Read All Comments ]
In macOS Mojave, Apple has extended its Continuity features so that now you can use your iPhone or iPad's camera to take a photo or scan a document, and it will be immediately available on your...
Apple's new macOS Mojave update is not compatible with mid-2010 and mid-2012 Mac Pros with stock GPUs, but it is supported on 2010 and 2012 Mac Pro models that have been upgraded with graphics...
In macOS Mojave, Apple has introduced a new screen capture interface that unifies the screenshot and screen recording features on Mac, making accessing them easier than it used to be.
A new...
If you're someone that has a lot of files on your desktop, you're going to love the new Stacks feature in macOS Mojave, which is designed to organize all of your files into neat little piles...
Apple today shared a support document that will be of interest to customers who own a late 2012 27-inch iMac with a 3TB hard drive and are attempting to upgrade to the macOS Mojave update.
There...
macOS Mojave, the newest version of the software that runs on the Mac, includes a long-awaited Dark Mode option that works across the entire system, from the dock and menu bar to all of your apps.
...
There are a few flash sales happening today, beginning with notable discounts on Apple's first-party iPad cases, which are one of the featured items in Best Buy's Daily Deals today only. Best...
Popular Google-owned mapping app Waze was today updated with support for CarPlay on devices running iOS 12. The iOS 12 update allows third-party mapping apps to be used with CarPlay for the first...
