This exploit of Safari in iOS 12.1 can mod an iPhone

The jailbreak community moves again . A few days ago it was learned of the existence of a vulnerability compatible with iOS versions 12.0-12.0.1. However, it was only a proof of concept, but exploitable if someone is really interested in further research. Even to get to make a tool with it.

It is not the only known vulnerability. This week has released another exploit for iOS 12. It is based on Safari, and affects devices with operating system iOS 12.1 (and macOS 10.14.1 and earlier). Its discoverer has been Linus Henze.

The Safari exploit for iOS 12.1
In one of his tweets, Henze says that the vulnerability had been considered “0-day” , but since it has been fixed in the latest version of WebKit it has been classified as “1-day”.

This exploit not only affects devices with iOS 12.1, but computers with macOS 10.14.1 and earlier are also vulnerable . However, he says he needs a little review to make it functional on the iPhone and iPad. According to its GitHub page, it seems that Henze has plans to update it in the future to improve it.

CURRENTLY, IT HAS ONLY BEEN FIXED IN THE WEBKIT SOURCES AND WORKS WITH THE LATEST VERSION OF SAFARI (MACOS AND IOS, ALTHOUGH IT NEEDS TO BE UPDATED TO WORK WITH IOS). PLEASE, DO NOT DO BAD THINGS WITH THIS, AND IF YOU ARE A NORMAL USER IT WILL BE USELESS FOR YOU

Although it is always good to know that there are vulnerabilities that can be exploited, in this case of iOS 12.1, that does not mean that there will be a jailbreak tool soon.

As a reference, we have the case of KeenLab , which was the first to demonstrate that doing iOS 12 jailbreak was possible. However, it never released the exploit, since they decided to save it for internal tests.

Seeing the situation, if your device has jailbreak and you do not want to lose it, it is best not to update to iOS 12.1 . If, on the other hand, your device does not have jailbreak and you are interested in doing so, keep it in the lowest possible firmware version.

Via | iDownloadBlog

Author: Marshmallow

Marshmallow Android is BT Ireland’s Head of Sales for Republic of Ireland domestic multi-site companies, indigenous MNCs and public sector accounts. He is responsible for the direction and control of all sales activity in the region. He has over 10 years management experience from high growth start-ups to more established businesses. He’s led teams in Ireland, India and China across various industries (ICT, On-Line Recruitment, Corporate Training and International Education).