D’oh! Apple botches iOS update, leaves iPhones open to jailbreaking

For the first time in years, hackers have created a working exploit that can jailbreak the latest, fully-updated version of iOS.

And a goof by Apple has allowed them to do it.

The result? Millions of Apple iPhone and iPad users who thought they were doing the right thing by updating their devices to iOS 12.4 are at an increased risk of being successfully attacked by hackers through the vulnerability.

Normally iPhones and iPads running the latest version of iOS are locked down, preventing users from installing code that has not been scrutinised by Apple’s security team and reducing the chances of malware infiltrating devices.

But a jailbroken iPhone or iPad opens doors for unauthorised and pirated iOS apps to be installed, which may be boobytrapped to spy upon your communications or even – potentially – hold your data to ransom.

Normally the source code for a jailbreak exploit is not made publicly available before Apple has pushed out a security update to prevent it from working.

In this case, however, things have definitely not gone to plan.

The story starts in March, when researcher Ned Williamson uncovered a security hole in iOS. However, he didn’t make details of the vulnerability public until after Apple had issued a patch – in the form of iOS 12.2 – in May.

That, most of us would have thought, would have been the end of the matter. However, somehow Apple managed to undo its patch when it released iOS 12.4 in late July.

iOS 12.4, if you recall, was an important security update for Apple’s mobile operating system because it fixed a critical vulnerability that could allow a remote attacker to attack an iPhone just by sending a maliciously-crafted iMessage.

Now we learn that although Apple successfully closed one critical security hole in iOS 12.4, it unwittingly reopened an old one.

A security researcher by the name of Pwn20wnd has publicly released a jailbreak that exploits the bug that came back from the dead.

An obvious fear is that organised criminal gangs and state-sponsored hackers might attempt to exploit the vulnerability to launch attacks, steal data, and spy on persons of interest.

Pwn20wnd told Motherboard that “it is very likely that someone is already exploiting this bug for bad purposes.”

No doubt Apple is working feverishly to fix the vulnerability once and for all and investigate how it could have made the mistake of reopening an old security hole that everyone thought had already been patched.

When Apple does release an update to iOS, make sure to install it as soon as possible – and let’s hope they don’t break anything else in the process.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

4 Comments

  • Sorry, but I don't agree.

    Most people that indeed jailbreak do it knowing what they're doing. Those that do get 'hacked' are kids that don't have much to lose.

    Until Apple stops pushing with the planned obsolescence for real and adds common sense features, there will be jailbreak and people will not update to the latest versions.

  • Graham, I think you meant to say:
    "However, he didn’t make details of the vulnerability public until after Apple had issued a patch – in the form of iOS 12.3 – in May."

    iOS 12.2 still had the security flaw and is listed as susceptible to the Undecimus jailbreak. I'm going to hazard a guess that the flaw is CVE-2019-8586, which is still generic over at Mitre. In Apple's "About the security content of iOS 12.3", its description is:

    "CVE-2019-8586: an anonymous researcher."

    – I'll leave out the relevant articles links as the current fad in comment spam filters is to kill all comments containing URLs. (o_0)

  • And then I read the Release notes at the GitHub page for the 'Undecimus' jailbreak written by pwn20wnd. (Again, I'm not going to post a URL due to spam filtering algorithm madness).

    I've run into conflicting information. I say this because pwn20wnd claims the following for his version 3.4.1 Release:

    “• Add iOS 12.3~b1 support to the jailbreak (Verified working on iPhone 5s).”

    That would indicate that the security flaw may have failed to be successfully patched in iOS 12.3. Then for his version 3.5.4 Release he states:

    “• Fix instant or random reboots after jailbreaking with the SockPuppet3.0 exploit on A7-A12X devices on iOS 11.0-12.4.”

    Again, iOS 12.3 is included as susceptible.

    Let's see how Apple sorts this out. We wait…