Apple released iOS 12.4.1 today to fix a security flaw reintroduced with the release of iOS 12.4, and used by security researcher Pwn20wnd to develop and release a jailbreak tool for up-to-date iOS devices.
The vulnerability patched today by Apple is a use-after-free tracked as CVE-2019-8605 and targeted by the SockPuppet exploit, which was used to create jailbreak tools for iOS devices.
The flaw was discovered by Google Project Zero’s Ned Williamson, was previously patched by Apple in the iOS 12.3 release on May 13, and has now been re-patched in iOS 12.4.1.
Apple recognizes jailbreak developer’s contribution
As Apple’s support document describing the security content of iOS 12.4.1 says, the flaw could have been abused by malicious applications which then could have been “able to execute arbitrary code with system privileges.”
Apple addressed the use-after-free issue by introducing improved memory management, thus blocking maliciously crafted apps from accessing pointers that have already been freed.
The iOS 12.4.1 security content mentions patching the bug used by the SockPuppet exploit.
Apple also credited me for assistance with the kernel — I credited them for the jailbreak so it seems like they wanted to do the same thing ;P. pic.twitter.com/IvyOgv0G3v
— Pwn20wnd is reviving 0-Days (@Pwn20wnd) August 26, 2019
Apple acknowledged Google Project Zero’s Ned Williamson’s contribution in finding and fixing this security issue and provided additional recognition for Pwn20wnd’s assistance.
Besides allowing jailbreak developers to add support for Apple’s latest iOS versions, the flaw fixed today by Apple is also a critical vulnerability that can open the doors to attackers targeting the company’s large iOS user base.
I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what Apps they download from the Apple AppStore. Any such app could have a copy of the jailbreak in it.
— Stefan Esser (@i0n1c) August 19, 2019
Security researcher Stefan Esser also warned iOS users that once iOS 12.4 was exploitable by jailbreak developers, anyone else could exploit it as well, with malicious iOS apps released through Apple’s App Store also possibly taking advantage of the bug.
While this was a huge blunder from Apple’s team, this security update showed that the company can also respond very quickly to severe threats exposing its users to potentially highly damaging attacks.