Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday August 21 2019, @03:23PM   Printer-friendly
from the review-the-diffs dept.

Submitted via IRC for SoyCow3196

iOS 12.4 Jailbreak Released After Apple Unpatches Older Bug

iOS security researcher Pwn20wnd released a public jailbreak for the latest stable iOS version after Apple reintroduced a vulnerability patched in iOS 12.3, previously exploited to jailbreak iOS 12.2.

Besides the newly available jailbreak for Apple latest iOS version, this should also be considered as a critical vulnerability reintroduced in Apple's mobile operating system that could open the doors to potential attackers targeting the company's huge iOS user base.

Security researcher Stefan Esser also warned iOS users in a tweet that once iOS 12.4 is exploitable by those who want to jailbreak it, anyone else could also do it, even via iOS apps released through Apple's App Store.

I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what Apps they download from the Apple AppStore. Any such app could have a copy of the jailbreak in it.

— Stefan Esser (@i0n1c) August 19, 2019

The vulnerability reintroduced by Apple is a use after free tracked as CVE-2019-8605 and discovered by Google Project Zero's Ned Williamson and patched by Apple with the iOS 12.3 release from May 13.

This security flaw made it possible for maliciously crafted apps to execute arbitrary code using system privileges on iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday August 21 2019, @06:56PM

    by Anonymous Coward on Wednesday August 21 2019, @06:56PM (#883272)

    I think this is a direct move by Apple to brick phones, board meeting went like:

    1. Unpatch a jailbreak vulnerability
    2. Wait for lots of people to hack their phones
    3. Re-patch / come up with a way to kill the jailbroken phones
    4. PROFIT!

    I'd bet Apple fanboys will accept they dun goofed and shell out a grand for a new phone without even thinking about it.