A new Unc0ver jailbreak tool works on almost every iPhone, including the iPhone 12. It is based on the same vulnerability Apple said may have been been actively exploited by hackers.
The approach works on iPhones running iOS 11 through to iOS 14.3, as Apple patched the flaws in iOS 14.4…
TechCrunch reports:
In a tweet, the jailbreak group said it used its “own exploit” for CVE-2021-1782, a kernel vulnerability that Apple said was one of three flaws that “may have been actively exploited” by hackers. By targeting the kernel, the hackers are able to get deep hooks into the underlying operating system […]
The group’s last jailbreak, which supported iPhones running iOS 11 to iOS 13.5, was fixed in a matter of days last year. Apple works quickly to understand and fix the vulnerabilities found by jailbreak groups, since these same vulnerabilities can be exploited maliciously.
Apple’s admission last month was an unusual one, but the company didn’t given any indication of either the scale or scope of any exploitation.
In addition to the new features detailed earlier today, iOS 14.4 also brings a trio of notable security improvements. In a new Support document published this afternoon, Apple said that iOS 14.4 fixes a kernel vulnerability and two WebKit vulnerabilities, all three of which “may have been actively exploited.”
Apple says that iOS 14.4 patches a security vulnerability in the kernel affecting iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation). The company only provides a brief description of the details:
-
Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.
-
Description: A race condition was addressed with improved locking.
Given the potential exploitation, however, that would make the jailbreak a risky one, as it means remaining on a version of iOS that is known to have been specifically targeted by hackers.
FTC: We use income earning auto affiliate links. More.
Comments