Google Engineer Releases iOS 11 Exploit For Jailbreakers

It was only a couple of weeks ago that I said jailbreaking is basically dead. But it seems no-one told Google security engineer Ian Beer. He’s released detailed information that describes how to exploit a memory corruption vulnerability that works on almost all 64-bit Apple devices running iOS 11.1.2 or earlier. This can, he says, be used to create a jailbreak.

Beer did reveal all to Apple before making the exploit, dubbed tfp0 or Task for pid 0, public. And Apple remedied the vulnerability in all four of their operating systems; macOS 10.13.2, iOS 11.2, watchOS 4.2 and tvOS 11.2.

As iOS and macOS share the same codebase, the exploit which could be used for jailbreak on an iPhone or iPad could be used to compromise a Mac.

Looking through those security notes, Beer’s name gets many mentions. He’s a member of Google’s Project Zero team, a group of security researchers tasked with finding zero day vulnerabilities and reporting them to manufacturers. Perhaps the reason this patch was issued promptly by Apple, rather than the time they took to fix KRACK is that Project Zero gives manufacturers 90 days to fix the problem before they go public.

If you’re into jailbreaking, then avoid upgrading to the most recent versions of Apple’s software as the fault is patched in all the “.2” releases. But if you don’t jailbreak – and recent evidence suggests the practice is dying out – then updating to the most recent version of the operating systems will remove that potential vulnerability.

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.


Leave a Reply