Apple releases iOS 9.3.5
iOS 9.3.5 software update fixes major security exploits Getty Images

Earlier this month, Apple rolled out iOS 9.3.4, a very small update weighing in at just 25.1MB, to fix a particular memory corruption issue, discovered by jailbreak developer, the Pangu team. However, that was not the last update for iOS 9.3.

Just before the public release of its next major iPhone operating system, iOS 10, which is expected in September, Apple has pushed out another version of iOS 9.3, the iOS 9.3.5. According to Apple's release note, iOS 9.3.5 "provides an important security update for iPhone or iPad".

Although Apple has rolled out iOS 9.3.5 when iOS 10 is coming in another few days, the rollout is quite important and recommended for all users. The significance of this release is it fixes three security vulnerabilities, which were discovered by Israel-based digital arms dealers, NSO Group.

iOS 9.3.5 is available for users of iPhone 4s and later, iPad 2 and later, iPod touch 5th generation and later. To download and install the update manually, head over to Settings>> General>> Software update. Click here to know about other methods to install iOS update.

Apple fixed the issue almost 10 days after receiving a tip from two researchers, namely Bill Marczak and John Scott Railton, at Citizen Lab at the University of Toronto's Munk School of Global Affairs, and Lookout, a San Francisco mobile security company. As the security content shows, Apple has given credit to both Citizen Lab and Lookout for reporting the issue. Below is a document describing the security content of iOS 9.3.5.

iOS 9.3.5

  • Kernel

Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to disclose kernel memory
Description: A validation issue was addressed through improved input sanitisation.
CVE-2016-4655: Citizen Lab and Lookout

  • Kernel

Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4656: Citizen Lab and Lookout

  • WebKit

Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4657: Citizen Lab and Lookout

According to a New York Times report, the NSO Group's software was able to read text messages, emails, track calls and contacts. The software, aimed at spying on dissidents and journalists, could even record sounds, collect passwords and trace location of iPhone users.

Apple releases iOS 9.3.5
Apple releases iOS 9.3.5 for supported iPhone, iPad and iPod touch models IBTimes UK

While executives of the NSO Group have been claiming their spyware worked like a "ghost", the issue actually emerged on 10 August when Ahmed Mansoor, a human rights activist in the UAE, began receiving suspicious text messages. The messages reportedly contained information about alleged torture of UAE citizens.

Mansoor then passed on the messages to researchers at Citizen Lab, which then brought in Lookout to help examine the code. Citizen Lab and Lookout discovered the spyware was based on three previous iOS vulnerabilities called zero days. Zero days flaws are basically used by hackers, brokers, spy agencies and law enforcement agencies to get access to devices unofficially.

Apple's iOS 9.3.5 update patches the exploits by the NSO Group, but it is unclear whether it addresses the vulnerabilities used by the FBI, which earlier this year announced that it had paid hackers who found a method to crack an iPhone used by the shooters in San Bernardino.

According to the researchers, the NSO Group had designed its tools to impersonate Red Cross, Facebook, Federal Express, CNN, Al Jazeera, Google and Pokémon.