Apple attaches great importance to update their operating systems and it instills the same sense to its users. Therefore, Apple always suggest to install all updates without exception, even if they are, at first glance, do not include new features. The company explained it is safety reasons because virtually every new build of the OS contains corrections of certain vulnerabilities. But sometimes something goes wrong and updates instead of protect, expose users to serious risk.
To run iOS 12.4, it became possible for randomly returning a vulnerability, which Apple has fixed in one of previous updates. Hackers from the team pwn20wnd took advantage of this and released a hacking tool Unc0ver, exploiting the very flaw of the operating system.
How to jailbreak
The news that iOS 12.4 is officially vulnerable and can be hacked, has become a significant event for the entire industry, because in recent years the concept of jailbreaking has virtually ceased to exist due to the high level of iOS security. Even though iPhone XR, XS and XS Max invulnerable to Unc0ver for hardware security Core Trust, all other iPhone and iPad are still exposed to hacking, which can be done even without a computer.
Whether it is dangerous? Of course, Yes. Despite the fact that Apple is usually set to steal paid apps, there are many other scenarios for its use. For example, thanks to the jailbreak is possible to open other vulnerabilities in the operating system, not to mention the fact that on a jailbroken gadget easier to install malware to spy on the user.
Vulnerabilities in iOS
In General, the fact that Apple accidentally removed the protection from the vulnerability, which was fixed a few months ago, is genuine bewilderment. It seems incredible that in Cupertino have made the mistake and actually put criminals into the hands of mechanism hacking iOS. Experts say that developers in the design of iOS 12.4 just used part of the code one of the previous builds of the OS, which contained an unpatched vulnerability. But worst of all, this is not the first case when from-for errors of iOS users at risk of hacking.
The examples are not far to seek. Only in the last couple of months in iOS found several vulnerabilities that allow to hack the operating system and install surveillance users. For example, in iMessage has been found a bugthat allowed to send to the device the victim of malicious component to track his actions. In this case the user himself to do anything it was not necessary — everything happens automatically regardless of his will.
In General, the problem of surveillance has been a sore point for iOS users. Another similar case occurred in July. Then in the Bluetooth Protocol has a vulnerability that could be used to track the movements of users. She hid in the mechanism of generation of Mac addresses, changing at random. However, due to the desync that happened from time to time, hackers have the opportunity to predict new address and thus identify a particular person among hundreds of others.