Naked Security

Emergency iOS patch fixes jailbreaking flaw for second time

With iOS 13 nearing release, Apple users perhaps thought they were done with iOS 12 updates for good.

If so, they were wrong. On 26 August 2019, another update was released for the four-week-old iOS 12.4 in the form of iOS 12.4.1.

Apple doesn’t describe this as an ‘emergency’ patch – though as it addresses a serious vulnerability, it’s hard to interpret it as being anything else.

Why the rush? This is where it gets awkward for Apple. Version 12.4.1 closes a jailbreaking hole, which we delved into in some detail last week.

The short version

Originally patched in iOS 12.3 in May 2019 after being revealed by Google Project Zero researcher Ned Williamson as the ‘Sock Puppet’ exploit (CVE-2019-8605), the arrival of iOS 12.4 in July inadvertently undid that fix.

A researcher known as Pwn20wnd subsequently released a follow-up jailbreak exploit dubbed ‘unc0ver’ on 18 August 2019 which jailbroke some Apple iOS devices.

In other words, Apple fixed the flaw, accidentally unfixed it, and with the appearance of a jailbreak had to rush out iOS 12.4.1 to fix it for a second time.

The patch

Both Williamson and Pwn20wnd are credited by Apple in the company’s advisory, the latter with a single sentence:

We would like to acknowledge @Pwn20wnd for their assistance.

To which Pwn20wnd responded with the following tweet:

As previously explained, jailbreaking iOS devices fascinates some owners but the freedom it offers comes at the expense of making those devices vulnerable to hackers.

Ironically, this has happened only days after Apple boosted its maximum bug bounty reward for anyone able to find a kernel-level security flaw in iOS to $1 million, the biggest public bounty offered by any tech company.

While it’s unlikely the latest jailbreaking hacks would qualify (big rewards are reserved for flaws that require no user interaction) the fact that Apple somehow undid a fix for a flaw that might have qualified for a reward looks rather clumsy.

What to do?

Unless you really, definitely, absolutely want/need to jailbreak your iPhone – in which case you would probably have done it already anyway – we strongly recommend that you get the latest iOS update, given how widely the CVE-2019-8605 hole has been publicised.

To check if you’re up to date, and to get the update if not, head to: Settings > General > Software Update.

Note that this bug also exists in macOS, so Mac users need to update too. The macOS patch doesn’t get a new version number (it’s still macOS Mojave 10.14.6), so you need to check your build number instead.

At the time of writing [2019-08-28T14:45Z] your build number should be 18G95 – here’s how to check:
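As an added example (not part of the original article), the shell functions below compare a macOS build number with the 18G95 figure given above; on a Mac the script reads the running build with `sw_vers -buildVersion`. The function names are hypothetical, and treating builds that share the leading number and letter as one release is an assumption of this example.

```shell
#!/bin/sh
# Added example, not from the article. Only the build number 18G95 comes from the page.
PATCHED_BUILD="18G95"

# Split a build number (e.g. 18G95) into "major letter minor".
# Prints nothing and returns 1 if the string is not <digits><LETTER><digits>[a-z].
split_build() {
    parts=$(printf '%s\n' "$1" |
        sed -n -E 's/^([1-9][0-9]*)([A-Z])([1-9][0-9]*)[a-z]?$/\1 \2 \3/p')
    [ -n "$parts" ] && printf '%s\n' "$parts"
}

# check_build CURRENT MINIMUM
#   0 = same release (assumed: same number and letter), build is MINIMUM or newer
#   1 = same release, build is older than MINIMUM
#   2 = one of the strings is not a build number
#   3 = different release, so MINIMUM says nothing about it
check_build() {
    cur=$(split_build "$1") || return 2
    min=$(split_build "$2") || return 2
    set -- $cur $min            # $1 $2 $3 = current, $4 $5 $6 = minimum
    [ "$1$2" = "$4$5" ] || return 3
    # Compare the trailing number numerically: 18G103 is newer than 18G95,
    # although it sorts earlier as a string.
    [ "$3" -ge "$6" ] || return 1
    return 0
}

# Print a one-line verdict for a build number and return check_build's status.
describe() {
    check_build "$1" "$PATCHED_BUILD" && rc=0 || rc=$?
    case $rc in
        0) echo "$1: at or past $PATCHED_BUILD" ;;
        1) echo "$1: older than $PATCHED_BUILD, update needed" ;;
        3) echo "$1: not the same release as $PATCHED_BUILD, check separately" ;;
        *) echo "$1: not a recognisable build number" ;;
    esac
    return "$rc"
}

# On a Mac, check the running system; elsewhere this part is skipped.
if command -v sw_vers >/dev/null 2>&1; then
    describe "$(sw_vers -buildVersion)" || true
fi
```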
