Published: Thu, August 22, 2019
Tech | By Anita Cain

IOS 12.4 jailbreak publicly released following accidental vulnerability unpatch by Apple

IOS 12.4 jailbreak publicly released following accidental vulnerability unpatch by Apple

However, somehow Apple reintroduced the CVE-2019-8605 flaw in iOS 12.4, which means that the same exploit used in 12.2 now works on version 12.4.

Another security researcher, Pwn20wnd, has published a jailbreak for the iOS 12.4. Naturally, platform makers like Apple have been closing those security holes because, aside from granting users privileged access, they can also give hackers the ability to bypass iOS security.

"The objective of this lawsuit Isn't to encumber good-faith safety Research, but to bring an end to Corellium's unlawful commercialization of Apple's valuable copyrighted works", Apple's counsel argues in its initial complaint.

Over the weekend a hacker who goes by the name Pwn20wned began refining jailbreaks based on SockPuppet so they support a wider variety of Apple's A processors used in iOS devices. Jailbreaks are seen as the holy grail by many security researchers because it shows that Apple's usual water-tight security can be breached.

Blake Collins, research analyst at website security firm SiteLock LLC told SiliconANGLE that although jailbreaking and rooting are great options for consumers who want to have more control over the software on their devices, the phones are now vulnerable to spyware or worse. But the news outlet notes that the "barriers to entry and now much lower". An exploit could also be placed on a malicious webpage, Motherboard's report said. Apple will likely fix the bug very soon. For example, he said, a malicious app could include an exploit for this bug that allows it to escape the usual iOS sandbox-a mechanism that prevents apps from reaching data of other apps or the system-and steal user data...

If you own an older iPhone or iPad and have already jailbroken it using Unc0ver, you should delete the app from your device before installing this one.

Like this: