Apple released iOS 9.3.5 on Thrusday, August 25, 2016 to address numbers of Critical Security Vulnerabilities.
Both Citizenlab and Lookout were credited for the security fix.
Persistent, enterprise-class spyware is an underestimated problem on mobile devices. However, targeted attack scenarios against high-value mobile users are a real threat.
Citizen Lab (Munk School of Global Affairs, University of Toronto) and Lookout have uncovered an active threat using three critical iOS zero-day vulnerabilities that, when exploited, form an attack chain that subverts even Apple’s strong security environment. We call these vulnerabilities “Trident.” Our two organizations have worked directly with Apple’s security team, which was very responsive and immediately fixed all three Trident iOS vulnerabilities in its 9.3.5 patch.
It is imperative to update any affected iOS devices to iOS 9.3.5.