Developer and security researcher Min “Spark” Zheng, who is part of the Alibaba Security team, has presented a talk at this year’s Defcon 26 hacking conference relating to escaping Apple’s iOS 11 sandbox. The talk, which focuses on iOS 11, brings renewed hope of a potential iOS 11.4 jailbreak.
Up until now, there had been little hope of the community seeing a jailbreak for Apple's 64-bit devices running iOS 11.4 or iOS 11.4.1. We had recently discussed this topic and highlighted the fact that there had been little to no action in terms of bugs and vulnerabilities found in Apple's iOS 11.4 / 11.4.1 firmware, at least none that had been made public and released into the community.
This latest presentation, which was discussed in detail on stage during Defcon 26 in Las Vegas, outlined two bugs affecting iOS 11.4. They were presented as part of a talk by Min Zheng and Xiaolong Bai called "Fasten your seatbelts: We are escaping iOS 11 sandbox!"
The advice to fasten a seatbelt is extremely pertinent as far as the jailbreak community is concerned. However, what this talk also does is give a little more hope about the possibility of an iOS 11.4 jailbreak, albeit only a tiny amount of hope, given that Min Zheng has a history of discovering vulnerabilities for research purposes and then never actually releasing anything to the public.
— Min(Spark) Zheng (@SparkZheng) August 10, 2018
According to an update on his slides, both of the bugs covered in the presentation were reported to Apple on June 7 and have been patched in iOS 11.4.1 and beyond, which means that iOS 11.4.1 is no longer vulnerable and iOS 12 is also patched.
That means we know both bugs are present in iOS 11.4 and are now public thanks to this presentation and its associated write-up. As expected, no full exploit example has been provided, which means that anyone interested in creating a potential iOS 11.4 jailbreak will need to do the bulk of the hard work themselves and find the other necessary components to put together a full and functional jailbreak.
That's definitely not beyond the realms of possibility, but we remain skeptical and hesitant about whether or not we will see an iOS 11.4 jailbreak in the foreseeable future.
The complete presentation can be grabbed from here.