The vulnerability was initially discovered by a Google researcher and was patched in the previous version of Apple’s mobile operating system, iOS 12.3. But the iOS 12.4 update that Apple released more recently re-introduced the security flaw.
Stefan Esser, CEO of Germany-based IT security company Anditd0te, warned that iPhone owners should be careful about what apps they download from the App Store until the vulnerability is fixed.
One security researcher referred to as Pwn20wned published a jailbreak for the iPhone on Monday, according to Motherboard. That researcher also told the publication that the vulnerability in iOS 12.4 can be exploited in a number of ways, including by malicious actors developing apps that can bypass Apple’s sandbox and access data stored on your phone. A hacker could also hide the exploit in a web browser.
Jailbreaking is a hack that makes it possible to override Apple’s security restrictions so that it’s possible to install apps and other software features not authorized by Apple. Jailbreaks were once very popular among iPhone owners that wanted to customize their phones more freely outside of Apple’s rules and restrictions.
But jailbreaking an iPhone also poses serious security risks because it means you’re no longer protected by the safeguards that come with iOS. Apple has cracked down on iPhone jailbreaks in recent years and has made them all but obsolete.
Apple did not immediately respond to Business Insider’s request for comment and additional information. The company has not yet released a subsequent software update to address the issue.
iOS 12.4 is the most recent version of Apple’s iPhone software that’s required to apply for the Apple Card, which the company launched for iPhone owners in the United States on Tuesday. It also brings other updates to Apple News and fixes the Apple Watch’s Walkie-Talkie functionality.
Kenyan Business Feed is the top Kenyan Business Blog. We share news from Kenya and across the region. To contact us with any alert, please email us to firstname.lastname@example.org