Apple has released an update for iOS that fixes the vulnerability that allowed to install a jailbreak on an iPhone with the latest version of the OS.
Problem (CVE-2019-8605), discovered by a team member of Google Project Zero Ned Williamson (Ned Williamson), is a vulnerability use-after-free, with which is possible to execute code with system privileges at the core of iOS. This bug was fixed by Apple engineers in iOS 12.3, but the company accidentally re-introduced the vulnerability in iOS release 12.4. The iOS version 12.4.1 resolves this issue.
Last week, a researcher under the pseudonym Pwn20wnd published a jailbreak for iOS 12.4. The jailbreak was good news for many owners of iOS-devices, but experts in the security field warn that attackers can also use the opportunity to embed the exploit in malicious apps that will allow them to take control over the gadget. In this regard, all users are recommended to upgrade to iOS 12.4.1 as soon as possible. Updates are also available for watchOS (5.3.1), tvOS (12.4.1) and macOS Mojave (10.14.6).
Read more •••