Submitted via IRC for SoyCow3196
iOS 12.4 Jailbreak Released After Apple Unpatches Older Bug
iOS security researcher Pwn20wnd released a public jailbreak for the latest stable iOS version after Apple reintroduced a vulnerability patched in iOS 12.3, previously exploited to jailbreak iOS 12.2.
Besides the newly available jailbreak for Apple latest iOS version, this should also be considered as a critical vulnerability reintroduced in Apple's mobile operating system that could open the doors to potential attackers targeting the company's huge iOS user base.
Security researcher Stefan Esser also warned iOS users in a tweet that once iOS 12.4 is exploitable by those who want to jailbreak it, anyone else could also do it, even via iOS apps released through Apple's App Store.
I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what Apps they download from the Apple AppStore. Any such app could have a copy of the jailbreak in it.
— Stefan Esser (@i0n1c) August 19, 2019
The vulnerability reintroduced by Apple is a use after free tracked as CVE-2019-8605 and discovered by Google Project Zero's Ned Williamson and patched by Apple with the iOS 12.3 release from May 13.
This security flaw made it possible for maliciously crafted apps to execute arbitrary code using system privileges on iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.
(Score: 3, Insightful) by chewbacon on Wednesday August 21 2019, @06:10PM
The golden age was iPhone 4 with whatever iOS version back then, Cydia, LockInfo, a tethering client, folders, background apps (only way to listen to Pandora outside the app at the time). Apple has since ripped off those nice tweaks and tethering isn't much of an issue anymore. And didn't Saurik close Cydia? So is there ANY reason to jailbreak now?
The irony about Apple assimilating those tweaks is Steve Jobs saying in an interview about the same time "We just ask people don't steal our stuff, and innovate their own." Wasn't really innovative, Steve.