This is an archive article published on September 28, 2019

New unfixable iOS exploit could leave millions of iPhones open to jailbreaking

The exploit will allow researchers to completely take over the unit and run customised software, which is far beyond what Apple normally allows.


A security researcher known as Axi0mX has published an iOS exploit that lays the foundation for jailbreaking almost every iOS device released between 2011 and 2017, which includes most models of iPhone, iPad, Apple Watch, iPod Touch and Apple TV.

The ‘checkm8’ exploit, published by Axi0mX on GitHub, affects every Apple device with an A5 through A11 chipset, which covers every iPhone from the iPhone 4S to the iPhone X. Checkm8 is not an all-in-one jailbreak package; instead it gives researchers a foundation on which to build customised jailbreaks for each vulnerable model.

The exploit lets researchers take complete control of a device and run customised software, far beyond what Apple normally allows. It will also let them build apps that interact and share data in ways Apple’s protections usually preclude.


Checkm8 exploits a flaw in Apple’s ‘bootrom’, read-only memory inside the processor that holds the first code to run when the device is powered on. Because that code is fixed in silicon when the chip is made, it cannot be patched by a software update. The vulnerability was found by reverse-engineering and examining a patch Apple released in summer 2018 for the iOS 12 beta.


Because the bootrom runs before any updatable software and anchors the device’s chain of trust, a vulnerability in it lets researchers create unusually powerful jailbreaks that do not depend on bugs specific to a particular iOS version and that Apple cannot close with an update.

The vulnerability has major implications for iOS device security because bad actors can abuse it too: an attacker could wipe or jailbreak a victim’s iPhone and install malware on it. They would, however, need physical access to the phone, since the flaw is triggered over USB with the device in DFU (Device Firmware Update) mode; it cannot be exploited remotely.


The vulnerability does not break Apple’s Secure Enclave, which holds the keys needed to decrypt data already on the device, so an attacker with the exploit still cannot read the user data of a passcode-locked phone. Another mitigating factor is that the compromise ends when the device is rebooted: the exploit lives only in memory, and a restart begins again from the unmodified bootrom, so any jailbreak built on it is ‘tethered’ and must be re-applied from a computer after every reboot.
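The three properties described above (a bug in the immutable first stage survives every software update, it is reached over USB DFU so physical access is needed, and it does not persist across a reboot) can be seen in a small model of a verified boot chain. The following is an added illustration, not code from the article or from Axi0mX’s checkm8; the stage images, buffer sizes, HMAC check (a stand-in for the public-key signature check a real boot ROM performs) and the unchecked-copy flaw are all invented, and the flaw is deliberately not the real checkm8 bug, which is a use-after-free in the ROM’s USB DFU code.

```python
"""Simplified model of a boot chain rooted in an immutable boot ROM.

Constructed for illustration only: the firmware images, the HMAC
'signature' (stand-in for Apple's public-key check) and the DFU flaw
(an unchecked copy, NOT the real checkm8 use-after-free) are invented.
"""
import hashlib
import hmac
from typing import Optional

SIG_LEN = 32
DFU_BUF = 96            # invented: size of the ROM's DFU receive buffer
VERIFY_FLAG = DFU_BUF   # invented: control byte placed right after it

# Constructed firmware images (not real Apple code).
IBOOT_2018 = b"iBoot-2018: verify kernel, then jump"
IBOOT_2019 = b"iBoot-2019: verify kernel, then jump"
KERNEL = b"xnu: mount rootfs, start launchd"
ATTACKER_LOADER = b"pwned: jump to anything the attacker sends next"


def sign(key: bytes, image: bytes) -> bytes:
    """Stand-in for the vendor's signing step; only the vendor holds `key`."""
    return hmac.new(key, image, hashlib.sha256).digest()


class BootRom:
    """Mask ROM: code and trust anchor fixed when the chip is manufactured."""

    def __init__(self, vendor_key: bytes):
        self._vendor_key = vendor_key   # in reality a public key / cert hash

    def _verify(self, image: bytes, sig: bytes) -> bool:
        return hmac.compare_digest(sign(self._vendor_key, image), sig)

    def power_on(self, flash: dict, dfu_packet: Optional[bytes] = None) -> list:
        # Fresh RAM at every reset: nothing from a previous boot survives.
        ram = bytearray(DFU_BUF + 1)
        ram[VERIFY_FLAG] = 1            # 1 = enforce the signature check
        image, sig = flash["iboot"], flash["iboot_sig"]

        if dfu_packet is not None:
            # DFU over USB: the ROM takes the image from the host instead of
            # flash. The unpatchable bug: the copy has no length check, so a
            # packet longer than DFU_BUF overwrites the verify flag.
            ram[0:len(dfu_packet)] = dfu_packet
            sig = bytes(ram[:SIG_LEN])
            image = bytes(ram[SIG_LEN:DFU_BUF]).rstrip(b"\0")

        if ram[VERIFY_FLAG] and not self._verify(image, sig):
            raise RuntimeError("ROM: iBoot failed verification")
        return ["rom"] + second_stage(image, flash)


def second_stage(iboot_image: bytes, flash: dict) -> list:
    """Updatable stages. Genuine iBoot checks the kernel; an attacker loader
    accepted by the ROM controls everything from here on."""
    if iboot_image.startswith(b"iBoot"):
        if hashlib.sha256(flash["kernel"]).digest() != flash["kernel_hash"]:
            raise RuntimeError("iBoot: kernel failed verification")
        return ["iboot", "kernel"]
    return ["attacker-loader", "custom-kernel"]


def dfu_exploit_packet(loader: bytes) -> bytes:
    """Bogus signature, the loader, padding to the buffer end, then one extra
    byte that lands on the verify flag and clears it."""
    assert SIG_LEN + len(loader) <= DFU_BUF
    return (b"\0" * SIG_LEN + loader).ljust(DFU_BUF, b"\0") + b"\x00"


def make_flash(vendor_key: bytes, iboot: bytes) -> dict:
    """What a signed OS build leaves in flash; the vendor can replace it."""
    return {"iboot": iboot, "iboot_sig": sign(vendor_key, iboot),
            "kernel": KERNEL, "kernel_hash": hashlib.sha256(KERNEL).digest()}


def demo() -> dict:
    vendor_key = b"constructed-vendor-signing-key"
    rom = BootRom(vendor_key)            # fixed for the life of the chip
    out = {}
    flash = make_flash(vendor_key, IBOOT_2018)
    out["clean_boot"] = rom.power_on(flash)
    # An unsigned iBoot written to flash is still rejected: secure boot works.
    flash["iboot"] = ATTACKER_LOADER
    try:
        rom.power_on(flash)
    except RuntimeError as e:
        out["tampered_flash"] = str(e)
    # A DFU packet that fits the buffer leaves the flag intact: still checked.
    flash = make_flash(vendor_key, IBOOT_2018)
    try:
        rom.power_on(flash, (b"\0" * SIG_LEN + ATTACKER_LOADER).ljust(DFU_BUF, b"\0"))
    except RuntimeError as e:
        out["dfu_no_overflow"] = str(e)
    # The overflowing packet lets the unsigned loader through (needs USB access).
    out["dfu_exploit"] = rom.power_on(flash, dfu_exploit_packet(ATTACKER_LOADER))
    # A software update replaces iBoot and the kernel, but the ROM is unchanged.
    flash = make_flash(vendor_key, IBOOT_2019)
    out["dfu_after_update"] = rom.power_on(flash, dfu_exploit_packet(ATTACKER_LOADER))
    # A plain reboot starts from clean ROM and fresh RAM: the jailbreak is tethered.
    out["reboot"] = rom.power_on(flash)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18} {result}")
```

The model shows what the article's "unfixable" means in practice: the vendor can re-sign and ship a new iBoot and kernel at will, but the `BootRom` object, and the bug in its DFU path, is the same on every boot, while the overwritten flag lives in RAM that is recreated at each `power_on`. Nothing here touches the Secure Enclave or data-protection keys, which is why code execution at this stage alone does not decrypt a locked phone's user data.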
