Apple has released a new software update for the iPhone, iPad, and iPod Touch, iOS 9.3.5. This update has been released to address a recently discovered security flaw in the operating system. The security flaw was discovered by Citizen Lab and Lookout, who revealed that the flaw was used to install spyware on devices. It was apparently exploited by government hackers.
Citizen Lab (Munk School of Global Affairs, University of Toronto) and Lookout have uncovered an active threat using three critical iOS zero-day vulnerabilities that, when exploited, form an attack chain that subverts even Apple’s strong security environment. We call these vulnerabilities “Trident.” Our two organizations have worked directly with Apple’s security team, which was very responsive and immediately fixed all three Trident iOS vulnerabilities in its 9.3.5 patch.
Understanding the Trident Vulnerabilities
The Trident vulnerabilities are a trio of zero-day exploits that were particularly dangerous because they allowed attackers to bypass Apple’s robust security measures. Zero-day vulnerabilities are flaws that are unknown to the software vendor and are exploited by attackers before the vendor has a chance to create a fix. In this case, the vulnerabilities were used to create an attack chain that could remotely jailbreak an iOS device and install spyware without the user’s knowledge.
The spyware, known as Pegasus, was capable of reading text messages, tracking calls, collecting passwords, and even tracking the location of the device. This level of access could potentially expose sensitive personal and professional information, making it a significant threat to users’ privacy and security.
Immediate Response and User Action
Apple’s response to the discovery of the Trident vulnerabilities was swift and decisive. The company worked closely with Citizen Lab and Lookout to develop and release the iOS 9.3.5 update, which patches all three vulnerabilities. This collaboration highlights the importance of cybersecurity researchers and tech companies working together to protect users from emerging threats.
For users, updating to iOS 9.3.5 is crucial. The update not only fixes the Trident vulnerabilities but also ensures that devices are protected against any future exploits that might attempt to use similar methods. To update your device, go to Settings > General > Software Update and follow the on-screen instructions.
It’s also a good practice to regularly check for software updates and install them promptly. Keeping your device’s software up to date is one of the most effective ways to protect against security threats.
Broader Implications and Future Security
The discovery of the Trident vulnerabilities and the subsequent release of iOS 9.3.5 underscore the ongoing battle between security experts and malicious actors. As technology evolves, so do the methods used by hackers to exploit vulnerabilities. This incident serves as a reminder of the importance of vigilance and proactive security measures.
For developers and tech companies, it highlights the need for continuous security assessments and prompt responses to discovered vulnerabilities. For users, it emphasizes the importance of staying informed about potential threats and taking necessary actions to safeguard their devices.
You can find out more information about the security flaw over at Lookout at the link below. If you own an iPhone, iPad, or iPod Touch, it is highly recommended to update your device to the latest software to ensure your data remains secure.
Source: Techmeme
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
