Apple on Monday released iOS 12.4.1 to fix a vulnerability that could have allowed a "malicious application" to execute code on a device, the company said in a security update. The update comes a week after hackers reportedly seized on a security slip-up, releasing a jailbreak for iOS 12.4.
The company reportedly reintroduced a bug in iOS 12.4 that it previously fixed, making that version of iOS vulnerable to hacks. Jailbreaking an iPhone lets people customize their iOS devices and run unsupported apps, but Apple says these hacks, or "unauthorized modifications to iOS," can lead to security vulnerabilities and things like device crashes and data loss.
A security researcher known as Pwn20wnd on Aug. 19 published a jailbreak for iOS 12.4, which Apple released in July, to Github, according to Motherboard. CNET wasn't able to independently verify the hack, but Google Project Zero researcher Ned Williamson reportedly confirmed to Motherboard that the jailbreak worked on his iPhone XR. He reportedly suggested the vulnerability could be used to create spyware that steals user data.
In its security update, Apple acknowledged Williamson and Pwn20wnd for their assistance.
Source: cnet