Why the urgency? Apple on Thursday released a patch fixing a previously unknown security flaw that can give hackers complete access to a targeted iPhone. That is a Very Bad Thing.
Software exploiting that vulnerability was found “targeting an activist’s iPhone in the Middle East,” the Associated Pressreports. Once a flaw like that is out there, it’s only a matter of time before other hackers start using it. So be proactive and patch up your phone before they have the chance.
To update your iPhone, open Settings, then General, then Software Update, then “Install.” (iOS 9.3.5 is the version you want.)
- Make sure you have a recent iCloud backup.
- Launch Settings from your Home screen.
- Tap on General.
- Tap on Software Update.
- Tap on Download and Install.
- Enter your Passcode, if prompted.
- Tap Agree to the Terms and Conditions.
- Tap Agree again to confirm.
Apple released the “important security update” in response to an active malware threat that can be used to read texts and email, record calls (including WhatsApp and Viber calls), track your location and turn on your phone’s camera and microphone.
If that sounds terrifyingly invasive, that’s because it is. The threat, dubbed “Trident” by mobile security firm Lookout, exploits three zero-day vulnerabilities in iOS 9 to form an “attack chain” that can break through Apple’s (relatively) secure platform. According to University of Toronto’s Citizen Lab, Trident is used in a spyware product developed by Israel-based “cyber war” company NSO Group (which is reportedly owned by an American venture capital firm).
Citizen Lab and Lookout became aware of the issue when links containing the Trident exploit and the spyware were sent to Ahmed Mansoor, a human rights defender based in the United Arab Emirates. Mansoor did not click on the links and instead forwarded the emails to Citizen Lab, but had he clicked on the links, his phone would have been remotely jailbroken and invaded by NSO Group’s “government-exclusive” spyware. Upon confirming the zero-day iOS vulnerabilities, Citizen Lab and Lookout notified Apple — and now Apple has released a fix.
How to update your iPhone
To see if you’re running the latest, patched version of iOS 9, open the Settings app and go to General > About > Version. If it says 9.3.5, you’re good. Anything else, and you need to update.
To download and install the update, open the Settings app and go to General > Software Update. Your iPhone will check for the latest update automatically.