Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

Apple Releases iOS 9.3.4 with a Single Security Fix

Just a few short weeks after the iOS 9.3.3 update (see “Apple Releases OS X 10.11.6, iOS 9.3.3, tvOS 9.2.2, and watchOS 2.2.2,” 18 July 2016), Apple has released iOS 9.3.4. It contains a single security fix for an IOMobileFrameBuffer vulnerability that could allow apps to execute arbitrary code with kernel privileges. That means that a malicious app could do nearly anything it wanted on the device.

It’s unusual for Apple to update an operating system for just one vulnerability, which suggests that the potential exploit may be more concerning than many others. As such, we recommend that you install iOS 9.3.4 soon. It’s a roughly 25 MB download, and you can update via Settings > General > Software Update or through iTunes.

 

READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Anthony Nicholson, Stephen Hinton, Georganne Fisher,
and David Douds for their generous support!
 

Comments about Apple Releases iOS 9.3.4 with a Single Security Fix
(Comments are closed.)

It seems that 9.3.4 fixes some more problems. My iphone on 9.3.3 5S suddenly reported low memory and when managed to recover 0.65 GB the update would not go through Settings. It was only possible to do it with iTunes. When finished free space was up to 1.15 GB
Dave Nathanson  2016-08-08 22:27
I suspect iOS 9.3.4 fixes more than just the 1 security item Apple mentioned. Or maybe OSX blocks iOS until upgraded? Details:

I was recently unable to backup my iPhone until upgrading both iTunes to 12.4.3.1, and iOS to 9.3.4. (Both were minor version updates) Until then iTunes would always throw an error dialog message about unable to write to disk, then hang forever at step 2 backing up. After updating iOS to 9.3.4 it was able to back up and sync without problem. Hmmm.
Jeff Mischkinsky  2016-08-09 01:06
Interestingly that single "important security fix" closes the exploit which enables the Pangu 9.3.3 jailbreak.
So if you want to jailbreak YOUR phone, either upgrade/downgrade to 9.3.3 before apple stops allowing you to install 9.3.3
That was the only reason for this update - to close the jailbreak exploit.
Dennis B. Swaney  2016-08-09 12:59
So Apple still refuses to address the "bug" not allowing NON-Apple ePubs to be added to iBooks via iTunes? Perhaps this is just more proof that Apple is closing the iBooks app to any ePubs not sourced from Apple and its DRM.