Home / iPhone / Apple patches iPhone jailbreaking bug

Apple patches iPhone jailbreaking bug


Apple has released today an iOS security update to patch a bug the company accidentally un-patched in an earlier release, introducing a security weakness that has allowed hackers to craft new jailbreaks for current iOS versions.

The original bug, discovered by Ned Williamson, a Google Project Zero security engineer, allows a malicious app to exploit a “user-after-free” vulnerability and run code with system privileges in the iOS kernel.

iOS version 12.4.1, released today, re-patches this bug that was initially fixed in iOS 12.3 but was accidentally unpatched in iOS 12.4, last month.

Sadly, Apple’s blunder didn’t go unnoticed and earlier this month, a security researcher named Pwn20wnd released a public exploit based on Williamson’s bug that could be used to jailbreak up-to-date iOS devices and grant users complete control over their iPhones.

But while users taking a risk and jailbreaking their own devices doesn’t sound that dangerous, a lesser-known fact is that malware operators and spyware vendors can also use Pwn20wnd’s jailbreak as well.

They can embed the jailbreak code inside malicious apps, which can then grant them full control over a device, once the user installs a booby-trapped app.

For this reason, iOS users are advised to install today’s security updates as soon as possible.

Additional security updates have also been released for watchOS (5.3.1), tvOS (12.4.1), and macOS Mojave (10.14.6), where the bug also allows hackers to run code with elevated privileges.

Source link


About admin

I'm a 50 year old PLC programmer from Burnley, UK. I severed my time as an electrician in the baking industry and soon got involved with the up and coming technology of PLC's. Initially this was all based in the Uk but as the years went by I have gradually worked my way around the globe. At first it was mainly Mitsubishi with a bit of Modicon thrown in but these days the industry leaders seem to be the Allen Bradley range of PLC and HMI’s.

Check Also

I tried to photograph the apocalypse, but my iPhone wouldn't let me

Advertisements The iPhone XR prefers Victorian beauty. Chris Matyszczyk/ZDNet I was awake, but I already ...

Leave a Reply

Your email address will not be published. Required fields are marked *