Apple Releases iOS 9.3.5 With Fix for Three Critical Vulnerabilities Exploited by Hacking Group

by

Apple today released an iOS 9.3.5 update for the iOS 9 operating system, almost a month after releasing iOS 9.3.4 and a few weeks before we expect to see the public release of iOS 10, currently in beta testing.

iOS 9.3.5 is available immediately to all devices running iOS 9 via an over-the-air update.

appleios93
iOS 9.3.5 is likely to be the last update to the iOS 9 operating system, introducing final bug fixes, security improvements, and performance optimizations before iOS 9 is retired in favor of iOS 10. iOS 9.3.4, the update prior to iOS 9.3.5, included a critical security fix patching the Pangu iOS 9.3.3 jailbreak exploit. iOS 9.3.5 features major security fixes for three zero-day exploits and should be downloaded by all iOS users right away.

According to The New York Times the three security vulnerabilities patched in the update were exploited by surveillance software created by NSO Group to jailbreak an iPhone and intercept communications.

In an overview of the exploits, security firm Lookout says NSO Group's spyware software, nicknamed "Pegasus," was highly sophisticated, installing itself through a link sent via a text message.

The exploit was initially discovered on August 11 after human rights defender Ahmed Mansoor received a suspicious link and sent it to Citizen Lab and Lookout. Had Mansoor clicked the link, it would have jailbroken his iPhone and installed "sophisticated malware" able to intercept phone calls, text messages, FaceTime calls, email, and more.

Pegasus is the most advanced attack Lookout has seen because it is customizable, can track a range of things, and uses strong encryption to avoid detection. Lookout believes "Pegasus" had been in the wild for quite some time before it was discovered, with some evidence dating back to iOS 7.

Citizen Lab and Lookout informed Apple of the vulnerabilities and the company worked quickly to implement a fix, patching the exploits in just 10 days.

Top Rated Comments

Michael Goff Avatar
Michael Goff
71 months ago
Is it odd that Apple would release so many updates to iOS over a year? We're at iOS 9.3.5 now.

Think back to iOS 7, we got to 7.1.2.
I like the new Apple that doesn't just sit and hope. I like it that they seem to be pushing forward with more fixes.
Score: 51 Votes (Like | Disagree)
639051 Avatar
639051
71 months ago
Hmmm. Really? "pushing forward with more fixes"? What about push forward with a release that doesn't require fixes when released. Isn't this like "a ship with a hole in the bottom, leaking water, and [the] job is to get the ship pointed in the right direction"?
Going to throw this out there. Since it is obviously so simple of a task in the minds of many here at Macrumors, why don't you all band together and DO IT YOURSELF? What a novel concept, right? Since it obviously requires just rolling up the sleeves and digging in it should be doable by anyone!

Seriously, you can put up or shut up as far as I am concerned. Reducing the an extremely complex issue to "they should just do it!!!!" is asinine.
Score: 40 Votes (Like | Disagree)
cale508 Avatar
cale508
71 months ago
Not surprising, they are leaving iOS 9 as secured as possible for devices not making it into iOS 10.
Score: 22 Votes (Like | Disagree)
639051 Avatar
639051
71 months ago
What I'm saying is, maybe the releases are too premature before being made publicly available.
What I am saying is, you have no clue how anything in software development works if you expect a perfect world like you seem to imagine.
Score: 19 Votes (Like | Disagree)
Michael Goff Avatar
Michael Goff
71 months ago
that ain't my job buddy - but I did pay Apple $1,400 for an iPP and $800 for an iPhone to supposedly avoid this.
If you paid Apple to avoid updates, you screwed up. Go get a Lenovo Android phone. You won't have to worry about OS updates on that device.
Score: 16 Votes (Like | Disagree)
urtules Avatar
urtules
71 months ago
I wonder if I can get these patches while jailbroken on 9.3.3.
Why do even bother. The fact that your device is jailbroken is already main security problem.
Score: 15 Votes (Like | Disagree)
Read All Comments

Popular Stories

airpodsinear 1

AirPods Save Woman's Life With Feature Everyone Should Know

Friday January 21, 2022 2:13 am PST by
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports. When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
Read Full Article
maxresdefault

Review: M1 Max MacBook Pro After Three Months

Wednesday January 19, 2022 11:30 am PST by
It's now been a few months since the M1 Pro and M1 Max MacBook Pro models launched in October, and MacRumors video editor Dan Barbera has been using one of the new machines since they debuted. Over on the MacRumors YouTube channel, Dan has shared a three month review of his MacBook Pro to see how it has held up over time and how it's changed his workflow. Subscribe to the MacRumors YouTube ...
Read Full Article184 comments
iphone se 2020 top

New iPhone SE Likely to Launch in April Based on Production Timeframe

Wednesday January 19, 2022 6:44 am PST by
Apple suppliers will begin producing display panels for the third-generation iPhone SE this month, with final assembly of the device likely to start in March, according to information shared by display industry consultant Ross Young. Based on this production timeframe, Young believes the third-generation iPhone SE is likely to launch in the second half of April, or perhaps in early May at...
Read Full Article52 comments
iphone 13 earpods

Apple to Stop Including EarPods With Every iPhone Sold in France From Next Week

Friday January 21, 2022 3:21 am PST by
Apple will no longer include EarPods with every iPhone sold in France, starting on January 24, according to a notice posted by a French carrier (via iGeneration). Apple was previously required to include EarPods in the box with the iPhone due to a French law that required every smartphone sold in the country to come with a "handsfree kit," but the law has now been changed in favor of reducing the ...
Read Full Article186 comments
Spring 2022 Apple Products Feature

New iPad Air, Macs, and iPhone SE With 5G Likely to Be Announced at Apple Event This Spring

Thursday January 20, 2022 8:32 am PST by
Earlier this week, Bloomberg's Mark Gurman tweeted that Apple "will be holding a spring event" to announce a new iPhone SE and other hardware. In a recent edition of his newsletter, Gurman said the event is likely to occur in March or April. Gurman did not elaborate on what "other hardware" will be announced at Apple's purported spring event, but rumors suggest at least four products are...
Read Full Article80 comments
peloton tv workout cardio

Apple Floated as Potential Buyer of Peloton

Friday January 21, 2022 6:11 am PST by
Following months of bleak news about Peloton's "precarious state," including the revelation that it has halted production of its bikes and treadmills, Apple is being floated as a potential buyer of Peloton's troubled fitness business. Yesterday, CNBC reported that Peloton will temporarily stop production of its connected fitness products due to a "significant reduction" in consumer demand, a ...
Read Full Article326 comments
apple watch series 7 aluminum colors yellowbg

Apple Watch Charging Bug Fixed in watchOS 8.4 Release Candidate

Thursday January 20, 2022 4:01 pm PST by
The watchOS 8.4 release candidate that was seeded to developers and beta testers this morning addresses an ongoing bug that could cause some Apple Watch chargers not to work properly with the Apple Watch. Back in December, we reported on a growing number of charging issues that Apple Watch Series 7 owners were facing. Since watchOS 8.3, there have been a number of complaints about...
Read Full Article26 comments
appleprivacyad cleaned

iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Thursday January 20, 2022 3:32 am PST by
Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update. With most iOS, macOS, tvOS, and watchOS updates, Apple provides a list of...
Read Full Article71 comments
safari icon blue banner

macOS Monterey 12.2 and iOS 15.3 Release Candidates Fix Safari Bug That Leaks Browsing Activity

Thursday January 20, 2022 1:30 pm PST by
The macOS Monterey 12.2 and iOS 15.3 release candidates that came out today appear to address a Safari bug that could cause your recent browsing history and details about your identity to be leaked to malicious entities. As shared last week by browser fingerprinting service FingerprintJS, there is an issue with the WebKit implementation of the IndexedDB JavaScript API. Any website that uses...
Read Full Article43 comments