Apple Inadvertently Reversed A Patch That Lead To iOS 12.4 Being Jailbroken

  • 3

Apple released its iOS 12.4 in the previous month while fixing a Walkie-Talkie bug breaching user’s privacy. However, little did they realize that they have inadvertently reversed a fix for a previous vulnerability. Nonetheless, the hackers didn’t miss to pick this mistake up and exploit it to jailbreak iPhones. Reportedly, a researcher has pointed out an iOS 12.4 jailbreak while demonstrating the flaw.

Vulnerability Triggering iOS 12.4 Jailbreak

Apple has accidentally unpatched an already known vulnerability in iOS 12.4. The vulnerability previously existed in iOS 12.2, Apple fixed it with iOS 12.3. However, it turns out that Apple reversed the fix (certainly by mistake) while releasing iOS 12.4. Consequently, allowing for the Jailbreak.

In a recent report, Motherboard disclosed that Apple reintroduced the bug in the latest iOS version. The vulnerability CVE-2019-8605 first affected iOS 12.2 allowing potential attackers to execute arbitrary codes on the target device. Ned Williamson working with Google Project Zero first discovered this flaw termed as ‘SockPuppet’.

The vulnerability now reappears in iOS 12.4, where it allows jailbreaking the latest iOS version for the first time. Thus, it becomes a security problem if a criminal hacker exploits it. Researcher Pwn20wnd has already released the jailbreak publicly. Speaking to Motherboard, he explained that “somebody could make perfect spyware” by exploiting the flaw.

Refrain From Installing Apps Until Next iOS Update

Many users have successfully jailbroken their devices using Pwn20wnd’s app. While that may sound interesting, they have unknowingly made their devices vulnerable to hacks as well. Security researcher Stefan Esser has already warned users in this regard.

According to his guesstimate, it is entirely possible that the malicious actors may enter the App  to the store in a few days to hack iPhone users.

This means only users with their devices running on iOS 12.3 are safe for now. Otherwise, even with the latest iOS 12.4 users are also vulnerable to cyber-attacks. Therefore, the only viable option for the users to stay safe is to wait for the release of iOS 12.4.1 and refrain from jailbreaking their devices or downloading any apps until then.

Let us know your thoughts in the comments.


Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!