Apple has released a patch that fixes a vulnerability in the kernel of iOS that allows for public jailbreaking and arbitrary code execution via malicious applications. The vulnerability, (CVE-2019-8605), was initially discovered by Ned Williamson of Google Project Zero. Williamson was able to create an exploit, dubbed “Sockpuppet” by the researcher, and used the exploit to reach “the kernel_task port on iOS 12.2″ on his iPhone 6s+. This exploit was then fixed in Apple’s release of patch 12.3, but as Vice’s Lorenzo Franceschi-Bicchierai reported, the most recent 12.4 patch wound up reintroducing the vulnerability to iOS systems.
As Franceschi-Bicchierai reported Pwn20wnd, a hacker known for iOS jailbreaking, published what became the first public jailbreak in years. The jailbreak proved that 12.4 patch from Apple was flawed and it sent the company into emergency fix mode. According to Pwn20wnd’s Twitter activity, the hotfix took care of the issue. In a tweet, Pwn20wnd stated, “I can confirm the exploit was patched in iOS 12.4.1 — Stay on iOS 12.4!” Considering that jailbreaks are Pwn20wnd’s source of income, they understandably want people to stay on the exploitable 12.4 iOS version. For more security-minded individuals, this is idiotic advice and should be ignored unless you want to be vulnerable to exploits.
Apple is trying to put this iOS jailbreaking vulnerability incident behind them. Threatpost’s Lindsey O’Donnell reports in her own article covering the patch/unpatch situation that the company is not responding to requests for comment. It is understandable from a public relations perspective, as Apple likes to posture itself as a security-minded company (which leads to myths among its user base that Apple products are immune to hacking). When you bungle an iOS patch by reintroducing a historically significant flaw like this, sometimes the best strategy is to ignore the media for a while.
In any case, this proves that patching is only as efficient as those who work on the patches.
Featured image: Flickr / Toshiyuki IMAI
It’s okay. An individual, a group or even and organisation makes a mistake once in a while. Look at how much Apple do do that is good. One exploit every few years is a pretty good track record compared to compromises of some other services that have to FACE this and get BOOKed in the sport a lot often.