By Michael Trantas, Senior Solutions Architect
Apple recently released iOS version 9.3.5 and everyone should be updating – now. This update patches three specific vulnerabilities – CVE-2016-4655, CVE-2016-4656 and CVE-2016-4657. This trio of vulnerabilities, known as “Trident” can deliver and install Pegasus – malware that creates a backdoor, allowing an attacker a persistent presence on the device.
The three vulnerabilities that Trident is comprised of can:
This update is considered critical due to a known strain of this malware discovered by a group known as The Citizen Lab, based out of University of Toronto, Canada. Studies are also showing that 75% of mobile endpoints that access protected corporate resources are running outdated versions of iOS and potentially vulnerable to these exploits.
Helient Systems advises that all of our clients upgrade their Apple devices to iOS version 9.3.5 as soon as possible to prevent these vulnerabilities from being exploited. If you have any questions or would like to request more information on this topic, please contact us at firstname.lastname@example.org.