Apple just released the iOS 9.3.3 update, which should be the final patch version for iOS 9. For this reason, it seems a lot of extra beta time was taken to make it as secure and stable as possible. Also, since this security update contains patches to remote code execution vulnerabilities, all iOS users are advised to update their devices immediately.
Security holes were patched in Calendar, CoreGraphics, FaceTime, Safari and Siri, each fix addressing tempting opportunities for hackers to run unauthorized code or expose private information.
The main security updates in this iOS version include patching of the following vulnerabilities:
- Vulnerabilities in parsing TIFF and BMP images (originating from a malicious website, MMS, or other source) can lead to execution of unauthorized code. In combination with an additional local privilege vulnerability, this could enable an attacker to run code originating from a remote interface.
- Several kernel and kernel extension vulnerabilities allow a local attacker to read kernel memory or execute code within the kernel context.
- Local iOS applications were able to get information about other running processes on the device, thus bypassing Apple’s restrictions.
Learn more about the security content of iOS 9.3.3 on Apple’s website.