Just a few weeks after posting iOS 9.3.4 to fix a jailbreaking-related bug, Apple has released iOS 9.3.5 to all supported iPhones and iPads. The update provides an “important security update” and comes just a few weeks before the expected release of iOS 10, which is currently pretty far along in the developer/public beta process.
Apple’s security release notes say that three bugs have been fixed, two in the iOS kernel and one in WebKit. The bugs were discovered by Citizen Lab and Lookout, the latter of which posted more information in a blog post. Lookout collectively calls the three zero-day vulnerabilities “Trident,” and says that they could allow an victim’s personal data to be accessed after opening a link sent in a text message. Trident infects a user’s phone “invisibly and silently, such that victims do not know they’ve been compromised.” We’ll have more information about the vulnerability in a forthcoming article.
The update is available now for everything that runs iOS 9: the iPhone 4S and newer; iPad 2 and newer; all iPad Minis and iPad Pros; and the fifth- and sixth-generation iPod Touches.