Apple puts the kibosh on vulnerability that let iPhone users jailbreak iOS 12.4
Apple has released an update to iOS 12.4, plugging a vulnerability that had been reintroduced which allowed for jailbreaking.
iOS 12.4.1 repatches a security flaw which Apple previously fixed and then, inexplicably or accidentally, unpatched. iPhone owners now face a dilemma: upgrade to iOS 12.4.1 and have the most up-to-date, secure operating system, or stick with iOS 12.4 and retain jailbreak.
See also:
- Now you can jailbreak iOS 12.4 -- or hack it
- Apple Card is now available to everyone in the US
- Trump says Tim Cook makes a 'compelling' argument against Apple paying tariffs
In releasing this update Apple does not -- unsurprisingly -- make any reference to jailbreaking, billing it merely as a security update. The company says that it "would like to acknowledge @Pwn20wnd for their assistance". @Pwn20wnd is a security researcher who discovered the flaw in iOS 12.4.
In a support article about the iOS 12.4.1 update, the Apple explains:
iOS 12.4.1
Released August 26, 2019
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: A malicious application may be able to execute arbitrary code with system privilege
Description: A use after free issue was addressed with improved memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero
Making the upgrade will effectively kill jailbreak, and @Pwn20wnd initially warned:
iOS 12.4.1 is OUT.
Do *NOT* upgrade to it.
— Pwn20wnd is reviving 0-Days (@Pwn20wnd) August 26, 2019
The security researcher then went on to say:
I can confirm the exploit was patched in iOS 12.4.1 - - Stay on iOS 12.4!
— Pwn20wnd is reviving 0-Days (@Pwn20wnd) August 26, 2019
So, the choice is yours. Upgrade or jailbreak.
Image credit: MeskPhotography / Shutterstock