Cupertino-based technology giant Apple released an incremental iOS v9.3.5 update to iPhones, iPad and iPods, which run iOS 9, on Thursday.
The new firmware is said to contain a security patch, which is expected to plug three serious security loop-holes, which, if left unattended, might lead to data leakage, remote tracking of user behaviour and arbitrary code execution upon entering maliciously crafted website.
Apple in its official support page has confirmed to have fixed the aforementioned flaws — two in the Kernel level and another in WebKit.
All three bugs, collectively known as the "Trident," were used to exploited the security flaws in iOS devices to remotely track victims by the Israel-based private snooping agency, NSO Group. As part of keeping a track on political dissidents, they would send an SMS with a website link riddled with the spyware, Pegasus, to iPhones. And once the malware got installed, they used to monitor browser history and keypad strokes without leaving any trace. The espionage racket has been around for several months, but it got busted earlier this month thanks to the alertness of Ahmed Mansoor, a human rights activist of the U.A.E.
Recently, Mansoor began to receive random SMSs with website links on his iPhone. Sensing something fishy, he passed the messages to Citizen Lab. This apparently led to the discovery of flaws in iPhones, and the security agency duly reported the issue to Apple 10 days ago.
Now Apple has advised all iPhone, iPad and iPods users to immediately install new iOS 9.3.5 update.
"We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits," Fred Sainz, the Apple spokesperson, was quoted as saying by the New York Times.
How to install latest iOS v9.3.5 update on iPhones, iPads and iPod Touch:
Via OTA (Over-The-Air):
1. Settings >> General >> Software update
[Tip: Users who want to install the update directly on the device via OTA should clear enough device storage space and also make sure the device has more than 50 percent battery life, before downloading the new OS firmware]
1. Back up your iPhone or iPad with either iCloud or via iTunes.
2. Launch iTunes on your Mac or PC.
3. Make sure you're on the latest version of iTunes. Go to About and then Check for Updates or visit iTunes.com.
4. Plug in your iPhone, iPad, or iPod touch if it hasn't already been done.
5. Click on iPhone, iPad, or iPod in the top left navigation.
6. Click on the Check for Update button in the first section that contains information about your device, alternately you can click restore if you'd like to do a clean wipe with updated software.
7. An update should be recognised, click on Download and Update in the pop-up menu and agree to any terms or conditions.
8. Unlock your device with your passcode, if prompted, in order to continue with the upgrade.