What you need to know
- Apple has apparently unpatched a vulnerability in iOS 12.4.
- This has prompted a new public jailbreak to be released.
- Security researchers are warning the unpatched vulnerability could lead to big problems for iPhone users.
A vulnerability that Apple previously patched has reportedly been mistakenly unpatched in iOS 12.4, making it possible to jailbreak modern iPhones.
According to Motherboard, security researchers discovered Apple's snafu over the weekend. A jailbreak from Pwn20wnd was then released on Monday, making it the first time a jailbreak has been publicly released in several years.
These days, jailbreaks are apparently kept private in an effort to keep Apple from discovering and patching exploits. As Motherboard points out, major iPhone exploits can sell for millions of dollars.
The latest jailbreak can supposedly be used with any device running iOS 12.4 (and below iOS 12.3). That's a big problem for Apple, according to Jonathan Levin, a security researcher who spoke with Motherboard. Because Apple mistakenly unpatched the vulnerability, devices running iOS 12.4 could be susceptible to exploits.
With the iPhone once again vulnerable, hackers could potentially "make a perfect spyware" through a malicious app. An exploit could also be placed on a malicious webpage, Motherboard's report said.
Now that the jailbreak has been made public, Apple will likely release iOS 12.4.1 to close the vulnerability. For now, be cautious of what app you install from the App Store, because any app could have a copy of the jailbreak in it, according to security researcher Stefan Esser.
Update August 20: Clarified language about which versions of iOS can be jailbroken.