Apple issues iOS 9.3.5 update, patching serious security issues discovered just 10 days ago

By Neil Hughes

Apple on Thursday pushed out yet another important update for its iOS 9 operating system, addressing serious security holes apparently exploited by an Israeli hacking firm, in what could be the final patch ahead of the release of iOS 10.

iOS 9.3.5 is now available through Software Update on compatible devices, and can also be installed through iTunes on a connected Mac or PC. As with the previous release, Apple has characterized the latest build as an "important security update" recommended for all users.

Apple turned around the patch quickly, just 10 days after a pair of security researchers alerted the company to potential flaws in the OS, according to The New York Times. The issues were said to be exploited by an Israeli company called the NSO Group that specializes in tracking the mobile phones of targets.

While it's unclear just how much access the NSO Group had to devices running iOS 9, Thursday's report noted that the group had developed software that could read text messages, emails, calls, contacts and more. Whether the full range of exploits were specific to the iPhone, or if they applied to other smartphone models, is unclear.

"It can even record sounds, collect passwords, and trace the whereabouts of the phone user," the report said.

The security holes were discovered by Bill Marczak and John Scott-Railton.

The launch of iOS 9.3.5 comes a few weeks after iOS 9.3.4 was publicly released. Like that update, iOS 9.3.5 also did not have a beta period for developers or testers.

Apple is set to release its next major platform update, iOS 10, this fall, likely in September. It includes major notification improvements, third-party app support for Siri voice prompts, and upgrades to native apps including Messages, Maps and Photos.

For more on iOS 10, see AppleInsider's ongoing Inside iOS 10 series.