Topic: iOS 12.4 Jailbreak Released After Apple Unpatches Older Bug

Author: javajolt

« on: August 20, 2019, 11:36:42 AM »
iOS security researcher Pwn20wnd released a public jailbreak for the latest stable iOS version after Apple reintroduced a vulnerability patched in iOS 12.3, previously exploited to jailbreak iOS 12.2.

Besides the newly available jailbreak for Apple's latest iOS version, this should also be considered as a critical vulnerability reintroduced in Apple's mobile operating system that could open the doors to potential attackers targeting the company's huge iOS user base.

Security researcher Stefan Esser also warned iOS users in a tweet that once iOS 12.4 is exploitable by those who want to jailbreak it, anyone else could also do it, even via iOS apps released through Apple's App Store.

The vulnerability reintroduced by Apple is a use-after-free tracked as CVE-2019-8605, discovered by Google Project Zero's Ned Williamson and patched by Apple with the iOS 12.3 release from May 13.

This security flaw made it possible for maliciously crafted apps to execute arbitrary code using system privileges on iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.

Williamson released an iOS 12.2 exploit in July and dubbed it SockPuppet, an exploit which was included by hackers as part of new jailbreaks targeting that iOS version until Apple patched it and released 12.3.

However, somehow Apple reintroduced the CVE-2019-8605 flaw in iOS 12.4, which means that the same exploit used in 12.2 now works on version 12.4.

This was used by iOS hacker and researcher Pwn20wnd who created and published a new version of its jailbreaking tool, unc0ver v3.5.0, "with iOS 12.4 support for A7-A11 devices" on August 18.

Version 3.5.1 was released today to fix reliability and random reboots for people using it to jailbreak their 12.4 devices. To add insult to injury, the new unc0ver releases come with support for iOS 11.0 through 12.4.

Pwn20wnd also decided to give Apple credit for reenabling the Sock Puppet exploit within the new release's changelog:

Quote
   • Add the updated SockPuppet 3.0 exploit by @umanghere

   • Remove the SockPort and SockPort2 exploits

   • Update system-memory-reset fix to fix random reboots

   • Add Apple to the credits section for development

   • Fix error at stage 2 when jailbreaking after updating from a lower firmware while preserving the app data

   • Fix the app crashing upon startup on iOS 11

After the new jailbreak was released by Pwn20wnd, lots of iOS users went on Twitter and reported that they've already tested it and that it works as advertised.

While this is a huge blunder from Apple's team, a very quick security update is also due to be released by the company sooner rather than later given that its iOS users are exposed by a huge attack surface.
