If an iOS device is set to connect to a trusted Wi-Fi network automatically — such as a cable company's free hotspot — a hacker mimicking that network's name can trick a device into setting the wrong time, said Patrick Kelley and Matt Harrigan, cited by Krebs on Security. This is possible because iOS regularly tries to connect to an NTP (network time protocol) server to keep time in sync.
In some cases all that's needed is to spoof time.apple.com, and run some custom software on a device as simple as a $35 Raspberry Pi. iPhones may be more difficult to deceive, since they typically update time through GSM, but a GSM antenna could be used.
Forcing a vulnerable device's time back to January 1, 1970 can cause it to "brick" after a reboot. iPads tested by Kelley and Harrigan wouldn't unlock, and would eventually overheat and fail to boot at all.
Apple reportedly confirmed the vulnerability, and coordinated the release of Kelley and Harrigan's findings so a fix would already be available. In its own testing, however, Apple said that iOS 9.3 definitely solved the bug, and that it was unable to force a provided iPad Air to get any hotter than 45.8 degrees Celsius. The company added that it was able to restore the iPad to iOS 9.3 or 9.3.1 using iTunes, even though Kelley and Harrigan's test units stopped working with the software.