News: Apple's iOS 12.4.1 for iPhone Fixes Jailbreak Vulnerability, 12.4.2 Patches Other Security Issue

Apple's iOS 12.4.1 for iPhone Fixes Jailbreak Vulnerability, 12.4.2 Patches Other Security Issue

While all eyes might be on the next beta release for iOS 13, Apple is still pumping out updates for iOS 12. The company released iOS 12.4.1, the first update since iOS 12.4, on Aug. 26. The latest update includes a patch for the jailbreak vulnerability recently discovered in 12.4. One month later, on Sept. 26, iOS 12.4.2 came out for older iPhone models.

Apple has long had disdain for jailbreaking, so it's no surprise the company released a patch for the vulnerability in iOS 12.4.1. It's unusual for a jailbreak to be so current, as it typically takes jailbreaks quite some time to break through each iteration of iOS. But Apple unintentionally un-patched a bug that allowed jailbreaking in iOS 12.2 versions, as indicated in the security release notes (which even thanked Pwn20wnd, who maintains the underc0ver jailbreak). The iOS 12.3 update patched it, but 12.4 took it back.

If you have no intention of jailbreaking, you can update without worry. However, know that if your iPhone is running iOS 12.4 or lower at this time, you have an excellent opportunity to jailbreak your iPhone. Though, your experience will depend on the type of iPhone model you have.

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A use after free issue was addressed with improved memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero

We would like to acknowledge @Pwn20wnd for their assistance.

As for the iOS 12.4.2 release, it only applies to the iPhone 5S, 6, and 6 Plus, which cannot run iOS 13. The release notes just say it "includes improvements, provides important security updates, and is recommended for all users." Its security document states that it fixes an issue where "A remote attacker may be able to cause unexpected application termination or arbitrary code execution."

To download and install the update at this time, head to Settings –> General –> Software Update. Then, follow the on-screen instructions to download and install iOS 12.4.1 or 12.4.2 to your iPhone. You can also wait for it to install automatically if you have "Automatic Updates" toggled on.

Cover image and screenshots by Jake Peterson/Gadget Hacks

Master Your iPhone

Fresh tips & tricks every week.

Be the First to Comment

Share Your Thoughts

  • Hot
  • Latest