Categories
News Tech

When Do We Get an iOS 12.0.1 Jailbreak?

We’re still here – all the people that waited for the iOS 12 jailbreak tool for months (we still do), but there’s no sign on it anywhere. However, this does not mean that the developers are not interested in it. Apple introduced us to the iOS 12 software and the A12 Bionic chip, so it’s much harder than before actually to jailbreak iPads or iPhones. One of the developers found and made the most out of an iOS 12.0.1 WebKit RCE bug that can be the basis of a new iOS 12.0.1 jailbreak somewhere in the future.

Is it really going to happen?

A Korean user called Ahn Ki Chan posted on Twitter that the developer named Kudima, also known as BigD got a WebKit RCE to exploit to the GitHub repository. This exploit works with 12.0.1, which means that there’s still a little hope that there will be an iOS 12.1.0 jailbreak. It also makes us understand that Apple patched the bug in the iOS 12.1, which was recently released and which came with brand new features and fixed issues – they finally solved Group FaceTime.

In the tweet, Chan said that Kudima submitted another Webkit RCE exploit to the repository and that he wrote the whole exploit together with a very detailed annotation, which can face iOS 12.0.1.

Kudima is very popular in the jailbreaking community. There’s another security researcher that’s quite known, that’s named Niklas B, who also praised Kudima, saying that the annotations and exploits are useful. In August, Kudima had submitted an annotated WebKit info leak exploit, that was meant for the iOS 11.4.1. The newest exploit given to us by the BigD is one step forward into the long journey that we have to deal with to get a released public iOS 12.0.1 jailbreak.

Categories
Tech

iOS 12.0.1 Security Flaw Allows Anyone To Access The Photo Album Without Unlocking the Devices

Apple struggles to keep its mobile and computer operating systems as inaccessible by hackers as possible. However, while some vulnerabilities might be useful for the community, such as those that allow programmers to develop iOS jailbreak solutions, others are exposing users to privacy leaks. Now, an iOS 12.0.1 security flaw allows malevolent people, once they achieve physical access to the device, to access the photo album and send images to whoever they want via Apple Messages.

The cybersecurity company ESET, the owner of NOD32 Antivirus, among others, has warned about this failure in Apple’s operating system, which powers iPhone and iPad devices. According to ESET, everyone who takes another’s Apple device running iOS 12.0.1 can access the photo album, bypassing the secure authentication process.

According to the ESET security researcher Jose Rodriguez, the security flaw lies in the possibility of taking advantage of Siri and VoiceOver to break the authentication of an Apple device running iOS 12.0.1.

A new iOS 12.0.1 security flaw is exposing users to a significant privacy leak

The privacy vulnerability is present in all iPhone models, including iPhone XS and XS Max, as well as iPad devices that are working with the latest version of the iOS operating system, the iOS 12.0.1.

Due to this iOS 12.0.1 security flaw, an unknown, malevolent person who gains access to an Apple device will be able to skip the authentication process, be it FaceID, password, or so on, and access the photo album and send pics to whoever he/she wants. According to ESET, “Apple is aware of the existence of this bug and is expected to launch an update shortly to repair it.”

In the meantime, the cybersecurity company urges users not to leave their phone within reach of unknown persons, as the only way to exploit the iOS 12.0.1 security flaw is to have physical access to the device.

Exit mobile version