• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • Contact Us

iHash

News and How to's

  • The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

    The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59
  • The Complete 2023 Business Accounting Mastery Bundle for $49

    The Complete 2023 Business Accounting Mastery Bundle for $49
  • Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125

    Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125
  • Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

    Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44
  • VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

    VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

iOS 12.4 jailbreak released after Apple ‘accidentally un-patches’ an old flaw

Aug 20, 2019 by iHash Leave a Comment

iphone jailbreak ios 12.4

A fully functional jailbreak has been released for the latest iOS 12.4 on the Internet, making it the first public jailbreak in a long time—thanks to Apple.

Dubbed “unc0ver 3.5.0,” the jailbreak works with the updated iPhones, iPads and iPod Touches by leveraging a vulnerability that Apple previously patched in iOS 12.3 but accidentally reintroduced in the latest iOS version 12.4.

Jailbreaking an iPhone allows you to install apps and other functions that are usually not approved by Apple, but it also disables some system protections that Apple put in place to protect its users, opening you up to potential attacks.

Usually, iPhone Jailbreaks are sold for millions of dollars by exploit brokers, but if you want to jailbreak your Apple device, you can do it for free.

An anonymous researcher who goes by the online alias “Pwn20wnd” has released a free jailbreak for iOS 12.4 on GitHub that exploits a use-after-free vulnerability in iOS kernel responsibly reported to Apple earlier this year by Ned Williamson, a researcher working with Google Project Zero.

The vulnerability, tracked as CVE-2019-8605, allows an application to execute arbitrary code with system privileges on a target Apple device, which can not only be used to jailbreak them but also leaves users vulnerable to hackers.

According to researchers, besides embedding the exploit into an innocent-looking app, the vulnerability can also be exploited remotely by combining it with sandbox bypass flaws in Apple Safari web browser or other Internet exposed services.

ios iphone jailbreak exploit

Though Apple patched this vulnerability in iOS 12.3, it accidentally reintroduced the same bug in iOS 12.4, making it easier for hackers to compromise Apple devices.

As Pwn20wnd told Motherboard, “somebody could make perfect spyware by exploiting this vulnerability.”

“For example, he said, a malicious app could include an exploit for this bug that allows it to escape the usual iOS sandbox—a mechanism that prevents apps from reaching data of other apps or the system—and steal user data.”

The new jailbreak works on updated iOS devices, including the iPhone XS, XS Max, and XR or the 2019 iPad Mini and iPad Air, running iOS 12.4 and iOS 12.2 or earlier, but does not work at all on devices running iOS 12.3 that patched the bug.

Several Apple users have taken to Twitter, claiming they used the Pwn20wnd jailbreak tool to successfully jailbreak [1, 2, 3, 4] their Apple devices, including the recent iPhone X and iPhone XR, and posting screenshots of their iPhone screens with unapproved app installations.

Since Apple doesn’t allow users to downgrade their operating system, users who have already upgraded their Apple devices to the latest version of iOS released late last month are left with no option other than waiting for an update from Apple.

Likely, Apple is already working on a patch to re-implement its earlier patch that will be released with iOS 12.4.1. Meanwhile, you should also beware of apps you download from the App Store until a patch releases.

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: 124, accidentally, Apple, cyber attacks, cyber crime, Cyber Security, cyber threats, cybersecurity, data breaches, Flaw, hacker, hacker news, hacking, hacking news, how to hack, incident response, information security, iOS, jailbreak, network security, Released, risk management, security breaches, security vulnerabilities, the hacker news, unpatches, web applications

Special Offers

  • The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

    The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59
  • The Complete 2023 Business Accounting Mastery Bundle for $49

    The Complete 2023 Business Accounting Mastery Bundle for $49
  • Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125

    Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125
  • Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

    Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44
  • VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

    VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Dotan Horovits

Is Kubernetes Monitoring Flawed? | Logz.io

Feb 7, 2023 By iHash

New Survey Finds Consumers Give Chatbots a Failing Grade in Customer Experience

Feb 7, 2023 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber threats cyber updates data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management Secure security security breaches security vulnerabilities software vulnerability the hacker news Threat update video Vulnerabilities web applications

Latest

The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

“Where do we start?” This is the question every CISO asks about every new program. In fact, I ask and answer that question many times a month. There’s a reason for this, of course. A strong start to any project builds momentum, reassures stakeholders, and sets the stage for what’s to come. Security resilience initiatives […]

Cisco Secure at Cisco Live EMEA 2023

Cisco Secure at Cisco Live EMEA 2023

Cisco Live is the premier destination for Cisco customers and partners to gain knowledge and build community. Our teams work hard to deliver education and inspiration, ignite creativity, deliver practical know-how, and accelerate the connections that fuel your digital future. The Cisco Secure team is excited to share our expertise to help power the strategies […]

The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

Expires November 25, 2122 23:59 PST Buy now and get 97% off Adobe Acrobat Pro DC (Beginner) KEY FEATURES Workplace demand for digital media skills including creating, managing, and integrating PDF documents is on the rise. In this course, students will learn the basics of creating PDF documents and modifying PDFs within Adobe Acrobat DC […]

Implementing AI into Enterprise Search to Make It Smarter

AI has the potential to be a game-changer for businesses that are experiencing a digital transformation, provided that it is correctly applied. While the economy is still struggling to recover, the value of technology like Machine Learning (ML) and Natural Language Processing (NLP) is on the rise. These technologies assist businesses in initiating and accelerating […]

GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry

Feb 06, 2023Ravie LakshmananCyber Attack / Endpoint Security E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. […]

Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

Expires January 31, 2123 18:01 PST Buy now and get 61% off PRODUCT SPECS Batteries Required? Yes Power Source Battery Powered Item Dimensions LxWxH 4.1 x 0.97 x 0.58 inches Battery Life 25 Hours function logProductOverviewMetric(metric) { if(typeof window.csa !== ‘undefined’) { var myEvents = csa(“Events”, {producerId: “dppinfo”}); myEvents(“log”, { schemaId: “dppinfo.productOverviewClientSideEvents.1”, eventName: metric }, […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2023
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT