Apple Accidentally Unpatches Vulnerability, Leading to New iOS 12.4 Jailbreak
Apple in iOS 12.4 mistakenly unpatched a vulnerability that was fixed in the iOS 12.3 update, leading to a new jailbreak available for iOS 12.4 devices, reports Motherboard.
Hackers discovered the vulnerability over the weekend and Pwn20wnd created a publicly available, free jailbreak that works on devices running the latest version of iOS or any version of iOS below iOS 12.3.
Most jailbreak code is kept private to keep Apple from patching it, so this is the first time that a public jailbreak has been available in a while. It was apparently discovered when a user tested an older jailbreak on iOS 12.4 and found the patch had been reverted.
Security researcher Jonathan Levin told Motherboard that the accidental vulnerability also once again makes iPhone users vulnerable to a "100+ day exploit," referring to how long the bug has been around.
Ned Williamson from Google Project Zero said that the bug could be exploited to install spyware on a target iPhone.
The researcher told Motherboard that "somebody could make a perfect spyware" taking advantage of Apple's mistake. For example, he said, a malicious app could include an exploit for this bug that allows it to escape the usual iOS sandbox--a mechanism that prevents apps from reaching data of other apps or the system--and steal user data.
Another scenario is a hacker including the exploit in a malicious webpage, and pairing it with a browser exploit, according to the researcher.
A third security researcher, Stefan Esser said that people should be careful what apps they download from the App Store right now. "Any such app could have a copy of the jailbreak in it," he wrote on Twitter.
Multiple users have confirmed that the jailbreak works and that their devices have been jailbroken using the new software. Apple has not commented on how or why the vulnerability was unpatched, but the company will likely have a fix available soon.
Popular Stories
Apple has announced that iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2 will be released today following more than six weeks of beta testing.
For the iPhone 15 Pro and iPhone 16 models, the update introduces additional Apple Intelligence features, including Genmoji for creating custom emoji, Image Playground and Image Wand for generating images, and ChatGPT integration for Siri. There is also ...
Apple today seeded the second release candidate versions of upcoming iOS 18.2, iPadOS 18.2, and macOS 15.2 updates to developers and public beta testers for testing purposes, a week after releasing the first RCs. The first iOS 18.2 RC had a build number of 22C150, while the second RC's build number is 22C151. Release candidates represent the final version of beta software that's expected to see a ...
Apple's forthcoming iPhone SE 4 will feature a single 48-megapixel rear camera and a 12-megapixel TrueDepth camera on the front, according to details revealed in a new Korean supply chain report.
ET News reports that Korea-based LG Innotek is the main supplier of the front and rear camera modules for the more budget-friendly ~$400 device, which is expected to launch in the first quarter of...
Apple plans to remove the notch from the MacBook Pro in a few years from now, according to a roadmap shared by research firm Omdia.
The roadmap shows that 14-inch and 16-inch MacBook Pro models released in 2026 will have a hole-punch camera at the top of the display, instead of a notch. It is unclear if there would simply be a pinhole in the display, or if Apple would expand the iPhone's...
Wednesday December 11, 2024 10:02 am PST by
Juli CloverApple today released macOS Sequoia 15.2, the second update to the macOS Sequoia operating system that was released in September. macOS Sequoia 15.2 comes over a month after the release of macOS Sequoia 15.1.
Mac users can download the macOS Sequoia update through the Software Update section of System Settings.
macOS Sequoia 15.2 adds Image Playground, an app that lets you create...
Norwegian payment service Vipps has become the world's first company to launch a competing tap-to-pay solution to Apple Pay on iPhone, following Apple's agreement with European regulators to open up its NFC technology to third parties.
Starting December 9, Vipps users in Norway can make contactless payments in stores using their iPhones. The service initially supports customers of SpareBank...
Wednesday December 11, 2024 10:03 am PST by
Juli CloverApple today released iOS 18.2 and iPadOS 18.2, the second major updates to the iOS 18 and iPadOS 18 updates that came out in September. The new updates come over a month after Apple released iOS 18.1 and iPadOS 18.1.
Subscribe to the MacRumors YouTube channel for more videos.
The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General >...