Apple Releases iOS 9.3.5 After Major Security Exploits Uncovered

IMG 0440

Apple today released iOS 9.3.5, the latest update for its iOS 9 mobile operating system. The release comes almost a month after pushing out iOS 9.3.4 and just a few weeks before the latest upgrade iOS 10 will be released to the public. iOS 10 is currently in beta.

iOS 9.3.5 is available to all devices as an OTA update and since it is a security update, Apple recommends updating for all users.

The New York Times has one good argument on why you should upgrade:

Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target’s mobile phone, was responsible for the intrusions. The NSO Group’s software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user.

There’s a Canadian link to the patch, as two researchers, Bill Marczak and John Scott Railton, at Citizen Lab at the University of Toronto’s Munk School of Global Affairs, and Lookout, a San Francisco mobile security company, discovered the exploits and told Apple immediately, after UAE activist Ahmed Mansoor was targeted and passed along the malware link. The iPhone maker released a fix in just ten days.

iOS 9.3.5 fixes that security flaw. You can read more about the security content of the latest software update here, while read more about NSO and how it tried to lure journalists to click on SMS links over at Motherboard, here.

The scariest part of this malware, which exploited three holes in iOS? They existed since iOS 7 and the iPhone 5, says Motherboard:

Moreover, the malware is programmed with settings that go all the way back to iOS 7, which indicates that NSO has likely been able to hack iPhone devices since the iPhone 5.

Lookout Vice President, Mike Murray, explains what the malware can do to iOS users:

“It basically steals all the information on your phone, it intercepts every call, it intercepts every text message, it steals all the emails, the contacts, the FaceTime calls. It also basically backdoors every communications mechanism you have on the phone,” Murray explained. “It steals all the information in the Gmail app, all the Facebook messages, all the Facebook information, your Facebook contacts, everything from Skype, WhatsApp, Viber, WeChat, Telegram—you name it.”

More reading on the subject matter below:

Stop what you’re doing and update iOS immediately, folks!