Not too long ago, we reported about a new iOS bug that let users jailbreak their iPhones. iOs 12.4 made it possible to jailbreak the latest iPhones after years. The jailbreak was enabled by a security flaw in iOS 12.4 that not only allowed users to jailbreak but also put their security at risk.
Apple had actually fixed the issue in the past after it was first reported by a Google engineer. The company later mistakenly reversed the patch with iOS 12.4, opening up the flaw once again and putting users at risk.
Cupertino has now issued an emergency patch for iOS 12.4, and it’s released iOS 12.4.1 earlier this afternoon. The official changelog for the release notes that the update fixes a security issue, noting “a malicious application may be able to execute arbitrary code with system privileges”.
What is even more interesting is that Apple actually acknowledged the creator behind the jailbreak as part of the fix. “We would like to acknowledge @Pwn20wnd for their assistance,” Apple said. So it seems like the creator of the jailbreak, @Pwn20wnd, actually worked with Apple to help fix the problem. It’s unclear whether the security flaw was abused by any hackers to exploit iPhone users, though. There have not been any reports of abuse so far, and that’s pretty good to hear — that still doesn’t excuse Apple’s clumsiness here, though.