Team Pangu is an iPhone jailbreaking team that discovers vulnerabilities in Apple’s iOS operating system for its various iDevices.
The hacking team recently released a jailbreak for iOS 9.3.3, but with Apple’s new iOS 9.3.4, that jailbreak is rendered ineffective.
As iTWire’s Sam Varghese noted in an article late last week, Apple has indeed started up an invitation-only bug bounty programme paying up to a US $200,000 reward for information on the highest level hacks.
Apple itself reports that iOS 9.3.4 fixes a problem where "an application may be able to execute arbitrary code with kernel privileges", and notes that "a memory corruption issue was addressed through improved memory handling".
The vulnerability is CVE-2016-4654 and — surprise, surprise — the company that Apple credits is the aforementioned Team Pangu.
Clearly, it’s a serious problem with the Australian federal government’s StaySmartOnline site issuing a high-priority alert that quotes the US-CERT (US Computer Emergency Response Team) stating that the unpatched vulnerability "may allow a remote attacker to take control of an affected system".
The update is available for "iPhone 4s and later, iPad 2 and later and iPod touch (5th generation and later)".
As StaySmartOnline advises: "Updates close vulnerabilities in computer systems that remote attackers can otherwise use to gain access to systems or information (such as online banking details).
"A vulnerability is a weakness that can leave a computer and its systems open to attack. Attacks can be carried out a number of ways, including through malicious software (malware) such as viruses and spyware that can monitor a users’ activity on a computer and stop systems operating properly."
So, if you haven’t updated yet, please go to Settings, General, Software Update on your iOS device and update it as soon as you can to stay safe!