Alibaba’s Min Zheng – more commonly known as @SparkZheng in online social circles – has confirmed that the latest Linus Henze Safari exploit, which we reported about yesterday, could be used in the production of a modern remote jailbreak.
Min Zheng is an extremely well-known and respected individual in the cyber research community. He currently operates in a cybersecurity role focusing on mobile platforms for Alibaba and has been personally responsible for multiple iOS exploits being pushed out into the public domain.
It’s that history and that level of expertise that makes the community stand up and listen when he speaks, and it’s for that reason that his latest tweet has managed to cause some excitement in the community:
Zheng, of course, as mentioned earlier was tweeting in relation to the news that we brought you yesterday regarding a WebKit exploit relating to RegEx which can be exploited via Safari allowing arbitrary code to run. With Apple patching this bug with the release of iOS 12.1.1, Linus Henze took the opportunity to release the bug into the public domain with the inclusion of a fairly simple proof-of-concept to show a very simple piece of code running. At that time, the jury was still out about whether or not this could be immediately useful from a jailbreak perspective but it seems that we have the trusted confirmation that we need.
We had previously commented that there was a fairly high chance that a discovery of this nature could potentially lead to a JailbreakMe-esque – i.e. a remote jailbreak – experience. This would involve visiting a purposefully created website which exploits the bug to inject its own jailbreak payload without having to install a jailbreak IPA file on the device.
Given that all of our recent jailbreaks have been semi-tethered and have involved installing an IPA file via Cydia Impactor, a JailbreakMe creation would be like a breath of fresh air. If a jailbreak is something that you are interested in then it would make sense to stay away from the installation of iOS 12.1.1 for now. Also, since Apple is still signing iOS 12.1 firmware, it’s not too late to downgrade to it if you have already upgraded to 12.1.1.
As always, if something more concrete develops in this situation, or something steps forward with more information, we will be sure to let you know.