In the last few days it has become known that a software called "Pegasus" could take control of an iPhone up to and including iOS 9.3.4 by exploiting various vulnerabilities. Apple reacts with iOS 9.3.5
"Pegasus" potentially compromised all non-updated iOS devices: a simple click on a link brought the software to the device, after which a "jailbreak" was performed without the user's knowledge. After that, the software was able to control various functions of the iPhone, access contacts, read data (like emails, passwords, chat histories, etc.). The malware relied on a zero-day exploit, which was fixed by Apple within two weeks. It was discovered by the security company "Lookout" and the Citizen Lab of the University of Toronto. Endangered are all iOS versions from 7.0 on, which was released three years ago.
Users of affected Apple devices are only advised to install the latest update as soon as possible. Apple distributes the approximately 38 megabyte update via iTunes or via the update function of the device itself.
Despite this serious security hole, an iPhone can still be considered relatively secure - 100 % security is of course never guaranteed in a networked system, but Apple reacted relatively quickly and found the discovered gap. Android devices can also suffer from similar and above all previously undiscovered security gaps. Especially the larger market share actually makes the Android system even more interesting for the development of such zero-day exploits.
Further information about "Pegasus" and iOS: