Industry News

iOS 9.3.4 released, fixing critical security hole. Update now

Source: apple.com

 

Apple has just released iOS 9.3.4, the latest versions of its mobile operating system for iPhone and iPad users, and owners of the devices are recommended to upgrade as soon as possible.

The reason why you should update your iPhones and iPads? Well, it’s not because of any fancy new bells-and-whistles that Apple has introduced to the operating system, but because it has fixed an important security hole under the hood that if left unpatched could have opened opportunities for hackers to run malicious code on your device.

The flaw was discovered by Team Pangu, a group best known for producing tools to help users jailbreak devices running iOS. Here’s how Apple curtly describes the patch in its security bulletin:

IOMobileFrameBuffer

Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-4654: Team Pangu

Chances are that the flaw was one of those being used by Team Pangu to help users jailbreak their devices. My views is that the typical iOS user would be unwise to jailbreak their iPhones or iPads because of the risks of allowing unvetted apps from running on your smartphone.

In order to update your iPhone or iPad to iOS 9.3.4, plug it in and install the update by visiting Settings / General / Software Update.

ios-9-3-4-update

It’s only two weeks since Apple released its last version of iOS – version 9.3.3. And the next major version – iOS 10 – is anticipated to be released in September. But never make the mistake of thinking that having to regularly install updates on your treasured smartphone is a pain in the neck. Because what’s the alternative? Not receiving any security updates at all?

If mobile phone users never receive security updates then they risk becoming easy pickings for organised online criminals.

As it is, most iPhone and iPad users are well served when it comes to easily installing security updates. If you ever think security is a pain on your mobile device, just have a word with your Android-owning friends many of whom will find it hard to remember when (if ever) they received their last operating system update.

News of the security update comes at the same time as Apple’s announcement that it was finally introducing a bug bounty, offering up to $200,000 to vulnerability researchers who discover critical security holes in its products.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

1 Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *

  • Tis one of the primary reasons I've stuck it out with iOS.

    I was on the cusp of buying a Samsung S7, but the hassles of manually upgrading the ROM via Odin or waiting on my carrier to release their bloat-laden firmware is a PITA…