Apple accidentally 'unpatches' bug in iOS 12.4, leaving users with the latest version of the software vulnerable to hackers
- Apple has inadvertently unpatched a more than 100-day-old flaw in the iOS
- The bug effects phones running iOS 12.4 and those below 12.3
- An exploit makes it possible to jailbreak the phone and also vulnerable to hacks
- Security researchers recommend not downloading apps until its re-patched
Apple has inadvertently unpatched a bug in its iOS that makes users with the newest software able to jailbreak phones, but also leaves them vulnerable to attack.
The bug, identified over the weekend by security researchers, was previously identified by Google analysts and patched in iOS 12.3, but a recent transition to 12.4 which was released in July, has given the more than 100-day-old flaw new life.
According to anonymous researchers who spoke to Motherboard, the bug significantly lowers the barrier for hackers looking to steal users' data.
Apple has inadvertently unpatched a bug in its iOS that makes users with the newest software able to jailbreak phones, but also makes them vulnerable to attack. File photo
'Due to 12.4 being the latest version of iOS currently available and the only one which Apple allows upgrading to, for the next couple of days (till 12.4.1 comes out), all devices of this version (or any 11.x and 12.x below 12.3) are jail breakable—which means they are also vulnerable to what is effectively a 100+ day exploit,' Jonathan Levin, a security researcher told Motherboard.
Theoretically, hackers with enough know-how could exploit flaws in Safari or, according to one researcher interviewed by Motherboard, 'make a perfect spyware.'
Malicious code exploiting the flaw could also be embedded into an app, which would make anyone who downloaded the code open to being hacked, or coupled with a browser attack to weaponize certain web pages.
It will likely be several days before Apple releases 12.4.1 to mend the reverted patch.
In the meantime, researchers have noted that the same flaw also allows users to jailbreak the phones, which marks the first publicly released jailbreak in several years.
Share this article
The term jailbreak refers to the process of altering fundamental software -- in this case, the iOS -- to allow a device to skirt the restrictions imposed by original developers.
According to Motherboard , Ned Williamson who works with Google's elite Zero Day bug confirmed that a jailbreak release by security researcher Pwn20wnd successfully jailbroke his iPhone XR.
Other users on Twitter also seem to have successfully used Apple's blunder to jailbreak their devices.
As noted by Motherboard, jailbreaks rarely go public since they often involve exploiting a security flaw -- vulnerabilities that are swiftly patched if made apparent to Apple.
Similarly, flaws in iOS also rarely find their way into the public sphere since they're are often traded for great deals of money -- potentially millions of dollars -- on the black market.
To avoid falling prey to the exploit, researchers recommend refraining from downloading new apps until iOS 12.4.1 is released.
'I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what Apps they download from the Apple AppStore,' Stefan Esser, a security researchers who focuses on iOS told Motherboard.
'Any such app could have a copy of the jailbreak in it.'
WHY IS APPLE KILLING OFF ITUNES AND WHAT WILL REPLACE IT?
Apple has officially broken up iTunes to make way for three new apps - Podcasts, TV and Music.
With the launch of macOS Catalina, Mac devices will come with separate apps for consuming podcasts, streaming music and playing videos.
Apple is effectively 'replacing' iTunes with the three separate apps, the firm said.
The new apps have 'all the features you'd expect from iTunes, all while being blazingly fast.'
The Music, Podcasts and TV apps feature a streamlined design, with fewer tabs and a cleaner user interface.
With the Music app, users have access to over 50 million songs, playlists and music videos.
With the launch of macOS Catalina, Mac devices will come with separate apps for consuming podcasts, streaming music and playing videos, effectively replacing iTunes
'And users will have access to their entire music library, whether they downloaded the songs, purchased them or ripped them from a CD,' Apple said.
'For those who like to own their music, the iTunes Music Store is just a click away.'
The Apple TV app for Mac packs many of the same features users would expect, like TV channels, personalized recommendations and more than 100,000 iTunes movies and shows.
Macs also have access to the Podcasts app, with more than 700,000 shows to choose from, curated content and more.
As the new trio of apps is replacing iTunes, many have been reflecting on the media software's legacy at Apple.
With the new Mac software, called Catalina, users also have access to the Podcasts app, with more than 700,000 shows to choose from, curated content and more
iTunes was launched in 2001 as an all-in-one media player for uploading music and video. Over the ensuing years, it became many users' primary platform listening to music and, after the launch of the iTunes Music Store, buying music.
It predated the launch of the iPod, which would come to revolutionize how people listen to music on the go.
iTunes is also widely regarded as one of the primary motivators behind Apple's increasing focus on services, with the firm launching audiobooks support, then support for TV shows, podcasts and movies not long after.
Despite iTunes' lasting impression on Apple, it had become largely irrelevant as users moved to iOS apps like Apple Music, Apple TV and others.
You really CAN teach an old dog new tricks: Hard work, persistence and practice can help elderly people improve their skills
