0

iOS 9.3.5 released to patch remote jailbreak exploit

Apple released  iOS 9.3.5 yesterday, which surprised many people. Seems the update was not scheduled, rather it is a vulnerability patch.

Rumors surfaced online that iOS 9.3.4 has been jailbroken, after Min Zheng, an Android/iOS Senior Security Engineer, who works at Alibaba, posted a video demonstrating how he installed Cydia on his iPhone.


Many people thought Apple released iOS 9.3.5 to patch this jailbreak. Unfortunately things are more serious than that. Apple patched some vulnerabilities that were exposing contacts, texts, calls, and emails. The flaw was discovered thanks to Ahmed Mansoor, a 46-year-old human rights activist from the United Arab Emirates. He received a phishing sms text with a malicious link on August 10. Instead of clicking on it, he sent the data to Citizen Lab for analysis. They soon discovered that the link lead to a remote exploit, meaning it could have been able to jailbreak his iPhone 6 running iOS 9.3.3. The exploit was named Trident. Had Mansoor clicked on the link, his phone would have been compromised and all his conversations exposed to the government (UAE).

Who developed the malware?

Apparently the NSO Group from Israel is at fault. They are selling the Pegasus spyware product to any government willing to pay.

Vulnerabilities patched by Apple

CVE-2016-4655: (Citizen Lab and Lookout)

  • Kernel memory flaw patched
  • Devices impacted : iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later

CVE-2016-4656 (Citizen Lab and Lookout)

  • Kernel memory patched, memory corruption issue fixed by improving memory handling.
  • Devices impacted : iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later

CVE-2016-4657 (Citizen Lab and Lookout)

  • Webkit patched, visiting a website link could have executed arbitrary code with kernel privileges
  • Devices impacted : iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later

admin

Leave a Reply

Your email address will not be published. Required fields are marked *