Security researcher Jann Horn publishes a privilege escalation bug in iOS 12.1.1

Given everything that’s been happening in the security research space lately, iOS 12 appears to be far from non-exploitable. On the other hand, bugs, exploits, and vulnerabilities for Apple’s latest and greatest operating just keep rolling in with each passing day, and this could potentially be great news for the jailbreak community.

The latest of such occurrences involves a privilege escalation bug for iOS 12.1 and earlier by Jann Horn of Google Project Zero. The security researcher published his notes online regarding the bug Monday afternoon, just five days after Apple publicly released iOS 12.1.1 to patch the bug, along with several others.

Not much is known about Horn’s bug at this time, but citing Apple’s security content page for iOS 12.1.1, the bug meant that “an application may be able to execute arbitrary code with kernel privileges.”

Apple allegedly responded to the bug in the latest iOS update by addressing a memory corruption issue in the operating system and improving state management.

It’s impossible to tell at this time if this particular bug will contribute to any future jailbreak tool developments, but if you’re not already jailbroken and you’re waiting for a new jailbreak to materialize, then the best thing you can do is stay on the lowest possible firmware and avoid updating.

As we learned from one of KeenLab’s recent demonstrations, iOS 12 is indeed jailbreakable. For now, it seems the community is just waiting on the proper exploits to surface and for a willing jailbreak developer integrate it into a user-friendly tool. For those wondering, there’s no telling when that could happen; all we can do is speculate.

As of this writing, the latest jailbreak available to the public is Pwn20wnd’s unc0ver tool, which supports iOS versions 11.0 through 11.4 beta 3; there is no jailbreak available for iOS 11.4 and later.

Are you excited to see all these iOS 12-centric security holes getting published as of late? Let us know how you feel about the situation in the comments section below.

Leave a Reply