iPhone vulnerability that lets users ‘jailbreak’ their devices to run apps and software that have not been approved by Apple is discovered
- Jailbreaking is able to run because of exploits and bugs found in Apple software
- This is the first time a jailbreak has worked on newer Apple devices in four years
- It uses an exploit that can also be used by malicious hackers to steal information
A vulnerability in iPhones and iPads – even those running the latest iOS 13.5 – lets users by-pass Apple’s limitations and install apps not approved by the company.
Jailbreaking has been around since the first iPhone as it gives users more control over the otherwise locked down device, but Apple soon releases updates to block it.
The ‘jailbreaking software’ uses an exploit in the device that is also used by malicious hackers to take over devices and steal personal information.
According to Pwn20wnd, the security researcher who discovered the flaw that led to the latest jailbreak said Apple were likely to fix it sooner or later.
A vulnerability in iPhones and iPads – even those running the latest iOS 13.5 – lets users by-pass Apple’s limitations and install apps not approved by the company
This latest exploit to allow jailbreaking software to work is the first time it’s been possible on new Apple devices in four years.
‘It will most likely take them at least two or three weeks to release a patch,’ according to Pwn20wnd.
‘Even when they release a patch, users can downgrade to the previous iOS version for about two weeks usually, and after that the users should stay on their versions so that the jailbreak keeps working.’
Even though jailbreaking poses a security risk due to the fact it uses exploits that leave iOS open to hacking, Pwn20wnd, the researcher that spotted the exploit, said Apple’s security mechanisms are intact.
Newer iPhones have extra hardware in them making it very difficult for code not approved by Apple to be installed on the devices.
This is why it has taken so long for an exploit to be discovered that allows for jailbreaking on new phones.
Pwn20wnd didn’t go into any specific details about the flaw, but told Vice that Apple’s iOS has become a ‘big target for attackers’, adding that the company constantly adding new features creates new attack surfaces.
This latest exploit to allow jailbreaking software to work is the first time it’s been possible on new Apple devices in four years and works on devices running the latest iOS 13.5
The new jailbreak software, called unc0ver, can be applied to every iOS version on every device, according to its developers.
It will work on iPhone 11, iPhone SE and the 2020 iPad Pro even if it is running iOS 13.5 – the latest version of the mobile operating system currently available.
The previous jailbreak tool only worked on devices with the A11 Bionic chip – found in the iPhone 8 and iPhone X – but not newer phones or tablets.
When it was announced that the jailbreak patch was available, unc0ver said their website had gone down due to demand from people looking for the software.
Apple have been asked to comment on the exploit but have yet to respond.
Source: Read Full Article