Apple Inadvertently Reversed A Patch That Lead To iOS 12.4 Being Jailbroken

in apple •  5 years ago 


Apple released its iOS 12.4 in the previous month while fixing a Walkie-Talkie bug breaching user’s privacy. However, little did they realize that they have inadvertently reversed a fix for a previous vulnerability. Nonetheless, the hackers didn’t miss to pick this mistake up and exploit it to jailbreak iPhones. Reportedly, a researcher has pointed out an iOS 12.4 jailbreak while demonstrating the flaw.

Vulnerability Triggering iOS 12.4 Jailbreak


Apple has accidentally unpatched an already known vulnerability in iOS 12.4. The vulnerability previously existed in iOS 12.2, Apple fixed it with iOS 12.3. However, it turns out that Apple reversed the fix (certainly by mistake) while releasing iOS 12.4. Consequently, allowing for the Jailbreak.

In a recent report, Motherboard disclosed that Apple reintroduced the bug in the latest iOS version. The vulnerability CVE-2019-8605 first affected iOS 12.2 allowing potential attackers to execute arbitrary codes on the target device. Ned Williamson working with Google Project Zero first discovered this flaw termed as ‘SockPuppet’.

The vulnerability now reappears in iOS 12.4, where it allows jailbreaking the latest iOS version for the first time. Thus, it becomes a security problem if a criminal hacker exploits it. Researcher Pwn20wnd has already released the jailbreak publicly. Speaking to Motherboard, he explained that “somebody could make perfect spyware” by exploiting the flaw.

Refrain From Installing Apps Until Next iOS Update


Many users have successfully jailbroken their devices using Pwn20wnd’s app. While that may sound interesting, they have unknowingly made their devices vulnerable to hacks as well. Security researcher Stefan Esser has already warned users in this regard.

https://twitter.com/i0n1c/status/1163400360020598784

According to his guesstimate, it is entirely possible that the malicious actors may enter the App to the store in a few days to hack iPhone users.

It is only public knowledge since yesterday that the old exploit (that has source code available) works again. Criminals need at least a few days to incorporate this into Apps and submit to the iOS AppStore where they will then show up 2 days later

— Stefan Esser (@i0n1c) August 19, 2019
This means only users with their devices running on iOS 12.3 are safe for now. Otherwise, even with the latest iOS 12.4 users are also vulnerable to cyber-attacks. Therefore, the only viable option for the users to stay safe is to wait for the release of iOS 12.4.1 and refrain from jailbreaking their devices or downloading any apps until then.

Let us know your thoughts in the comments.

Posted from my blog with SteemPress : https://latesthackingnews.com/2019/08/22/apple-inadvertently-reversed-a-patch-that-lead-to-ios-12-4-being-jailbroken/

apple appledatasecurity applehackingvulnerability appleios appleios12
5 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.00
    2 votes
    1
    Authors get paid when people like you upvote their post.
    If you enjoyed what you read here, create your account today and start earning FREE STEEM!
    Sort Order:  
  • Trending
    • [-]
      ·  5 years ago 

    Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
    https://ethhack.com/2019/08/apple-inadvertently-reverses-a-patch-leading-to-ios-12-4-jailbreak/

    Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

    • Disagreement on rewards
    • Fraud or plagiarism
    • Hate speech or trolling
    • Miscategorized content or spam

    Submit
    $0.00