Apple on Thursday released iOS 9.3.5 for iPhone, iPad and iPod touch, almost a month after releasing iOS 9.3.4. which notoriously patched the latest Pangu jailbreak. Obviously, folks currently jailbroken, or those still on iOS 9.3.3 with hopes of jailbreaking should also stay away from 9.3.5, as Apple stopped signing 9.3.2 and 9.3.3 earlier this week.
With September right around the corner, and the expected release month for iOS 10, it’s possible that this is the last release of iOS 9.3. With it, Apple is focusing on behind-the-scenes improvements, security patches, and overall refinement of the system ahead of another major upgrade on the horizon.
According to The New York Times the three security vulnerabilities patched in the update were exploited by surveillance software created by NSO Group to jailbreak an iPhone and intercept communications.
In an overview of the exploits, security firm Lookout says NSO Group’s spyware software, nicknamed “Pegasus,” was highly sophisticated, installing itself through a link sent via a text message.
The exploit was initially discovered on August 11 after human rights defender Ahmed Mansoor received a suspicious link and sent it to Citizen Lab and Lookout. Had Mansoor clicked the link, it would have jailbroken his iPhone and installed “sophisticated malware” able to intercept phone calls, text messages, FaceTime calls, email, and more.
Here are the full release notes from Apple’s Support page:
Kernel
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to disclose kernel memory
Description: A validation issue was addressed through improved input sanitization.
CVE-2016-4655: Citizen Lab and Lookout
Kernel
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4656: Citizen Lab and Lookout
WebKit
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4657: Citizen Lab and Lookout
Pegasus is the most advanced attack Lookout has seen because it is customizable, can track a range of things, and uses strong encryption to avoid detection. Lookout believes “Pegasus” had been in the wild for quite some time before it was discovered, with some evidence dating back to iOS 7.
Citizen Lab and Lookout informed Apple of the vulnerabilities and the company worked quickly to implement a fix, patching the exploits in just 10 days.
iOS 9.3.5 is available immediately to all devices running iOS 9 via an over-the-air update.