Apple on Thursday pushed out yet another important update for its iOS 9 operating system, addressing serious security holes apparently exploited by an Israeli hacking firm, in what could be the final patch ahead of the release of iOS 10.
iOS 9.3.5 is now available through Software Update on compatible devices, and can also be installed through iTunes on a connected Mac or PC. As with the previous release, Apple has characterized the latest build as an "important security update" recommended for all users.
Apple turned around the patch quickly, just 10 days after a pair of security researchers alerted the company to potential flaws in the OS, according to The New York Times. The issues were said to be exploited by an Israeli company called the NSO Group that specializes in tracking the mobile phones of targets.
While it's unclear just how much access the NSO Group had to devices running iOS 9, Thursday's report noted that the group had developed software that could read text messages, emails, calls, contacts and more. Whether the full range of exploits were specific to the iPhone, or if they applied to other smartphone models, is unclear.
"It can even record sounds, collect passwords, and trace the whereabouts of the phone user," the report said.
The security holes were discovered by Bill Marczak and John Scott-Railton.
The launch of iOS 9.3.5 comes a few weeks after iOS 9.3.4 was publicly released. Like that update, iOS 9.3.5 also did not have a beta period for developers or testers.
Apple is set to release its next major platform update, iOS 10, this fall, likely in September. It includes major notification improvements, third-party app support for Siri voice prompts, and upgrades to native apps including Messages, Maps and Photos.
For more on iOS 10, see AppleInsider's ongoing Inside iOS 10 series.
22 Comments
I wonder if this patch was in iOS 10 beta 7 and its why they rushed it out last Friday.
Imagine you're stuck on Android and having to wait god knows how long before you get the fix (that is, IF you get it). Even owners of the S7 or Note 7 are going to have to wait 30 days to get their security updates (until Samsung decides 30 days is too much work and they start slipping release times).