SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

Apple Releases Important iOS Update to guard against Malware

Posted on August 26, 2016

iPhone and iPad users should update to the latest version of iOS as soon as possible, following the latest security update from Apple. The new patch—iOS 9.3.5—arrived on Thursday, August 25th and was dubbed by Apple as an “important security update.” It addresses dangerous malware that was recently developed in the Middle East.

Writing for ZDNet, Zack Whittaker noted that iOS 9.3.5 is a patch for three different malware vulnerabilities, not just one. Working together, security researchers Citizen Lab and Lookout discovered the vulnerabilities and notified Apple about their existence. Lookout and Citizen Lab also gave the vulnerabilities the snappy, all-encompassing name of the Trident.

In a blog posted on the day of iOS 9.3.5’s release, Lookout described the issue as a “persistent mobile attack of high-value targets on iOS.” The malware in question attacks the Trident vulnerabilities and uses them to compromise iOS in several significant ways. Specifically, the malware acts as spyware, allowing hackers to access a device and browse contacts, read texts, and open emails. The malware can also give cyber-criminals the location of the device in question, or allow them to switch on the microphone and camera.

The malware originated in the Middle East, where a company in Israel figured out how to exploit the Trident vulnerabilities. Citizen Lab also noted that the government of the United Arab Emirates tried to use this spyware against human rights activist Ahmed Mansoor. Earlier this month, Mansoor received two text messages from a sender he didn’t recognize. He forwarded them to Citizen Lab, who discovered their true, malicious nature.

Citizen Lab says that if Mansoor had opened the text messages, they would have essentially turned his iPhone into a “sophisticated bugging device.” However, since Mansoor forwarded the texts to a security research company, not only has he avoided the threat, but he’s also brought about the fix. Mansoor’s decision allowed Citizen Lab and Lookout to discover the true nature of the spyware and the Trident vulnerabilities behind it. In turn, the two security research firms forwarded the information on to Apple, where the Trident vulnerabilities were promptly patched.

On his Twitter account, Whittaker praised Apple for their quick response—not only to this particular threat but also to others that have emerged recently. ” Love them or hate them, Apple’s ten-day turnaround to patch these flaws is impressive,” he wrote.

To download iOS 9.3.5, go to the Settings menu on your iPhone or iPad, tap General, and then select Software Update.

Join our mailing list for the latest security news and deals