Select Page

Here we have great news for all iPhone Jailbreak lovers and concerning one for the rest of iPhone users.

A Chinese cybersecurity researcher has today revealed technical details of critical vulnerabilities in Apple Safari web browser and iOS that could allow a remote attacker to jailbreak and compromise victims’ iPhoneX running iOS 12.1.2 and before versions.

To do so, all an attacker needs to do is trick iPhoneX users into opening a specially crafted web page using Safari browser, that’s it.

However, finding flaws and creating a working exploit to carry out such attacks is not as easy as it may sound for every iOS hacker.

Discovered by security researcher Qixun Zhao of Qihoo 360’s Vulcan Team, the exploit takes advantage of two security vulnerabilities that were first demonstrated at TianfuCup hacking contest held in November last year and then was later responsibly reported to the Apple security team.

Zhao today released some details of and a proof-of-concept video demonstration for his exploit, which he dubbed “Chaos,” after Apple just yesterday released iOS version 12.1.3 to patch the issues.

images from Hacker News