Your iPhoneX Can Be Remotely Jailbroken

Recently discovered vulnerabilities in the Apple Safari web browser and iOS 12 could allow remote attackers to compromise your iPhoneX.

The Chinese internet security company Qihoo 360 recently released a proof-of-concept video. In the video, security researcher Qixun Zhao reveals the technical details of critical vulnerabilities in the Apple Safari web browser and iOS. The vulnerabilities could allow a remote attacker to jailbreak and compromise victims’ iPhoneX running iOS 12.1.2 and previous versions.

According to Qihoo 360, the remote jailbreak exploit is a combination of two vulnerabilities. One is a type confusion memory corruption flaw (CVE-2019-6227) in Apple’s Safari WebKit. The other is a use-after-free memory corruption issue (CVE-2019-6225) in the iOS kernel.

Tricking iPhoneX Users Into Chaos

For iOS, jailbreaking is the process of modifying iOS system kernels to allow file system read and write access. Most jailbreaking tools (and exploits) remove the limitations and security features built by Apple through the use of custom kernels. This amounts to making unauthorized modifications to the operating system.

The video released by Qihoo 360 shows that all an attacker needs to do is to trick iPhoneX users into opening a specially crafted web page in the Safari web browser.

The Safari flaw allows maliciously crafted web content to execute arbitrary code on the targeted device. The exploit then uses the second bug to elevate privileges and install a malicious app silently. The security vulnerabilities were first demonstrated at the TianfuCup hacking contest in November last year. They were then also responsibly reported to the Apple security team.

Why You as an App Vendor Need to Take Action

Jailbreaking has very serious security implications as it makes your end-users’ iPhones an easier target for malware. It completely removes the walls that Apple has built into both iOS and the App Store.

Since a jailbroken iPhone is much more at risk of being compromised, it is important to know about it. If you choose to allow your app to run on jailbroken devices, you should detect whether the device is jailbroken or not. This is essential for further security measures in order to determine the threats that your app is exposed to.

Jailbreak detection can be performed in different ways. Standard approaches simply test for the existence of files in the file system that are associated with a jailbroken device. Promon SHIELD™ performs detection on multiple levels. It also implements these standard detection mechanisms, ranging from these well-known approaches to cutting-edge low-level mechanisms that are targeted more towards detecting the essence of a jailbreak.
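The standard file-existence check described above, as an added example that is not code from the original article or from Promon SHIELD. The artifact path list, the function names and the `root` parameter are assumptions of the example; `root` exists only so the check can be exercised against a constructed directory tree instead of a real device.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Paths commonly left behind by public jailbreak tooling. The list is an
   assumption of this example; the article does not name specific files. */
static const char *const JB_ARTIFACTS[] = {
    "/Applications/Cydia.app",
    "/Library/MobileSubstrate/MobileSubstrate.dylib",
    "/bin/bash",
    "/usr/sbin/sshd",
    "/etc/apt",
    "/private/var/lib/apt",
};
#define JB_ARTIFACT_COUNT (sizeof JB_ARTIFACTS / sizeof JB_ARTIFACTS[0])

/* Count artifact paths present under `root` ("" means the real file system).
   lstat() is used so that a symlink counts even when its target is missing.
   Returns -1 if a combined path does not fit the buffer. */
int jb_count_artifacts(const char *root)
{
    int hits = 0;
    for (size_t i = 0; i < JB_ARTIFACT_COUNT; i++) {
        char path[1024];
        struct stat st;
        int n = snprintf(path, sizeof path, "%s%s", root, JB_ARTIFACTS[i]);
        if (n < 0 || (size_t)n >= sizeof path) return -1;
        if (lstat(path, &st) == 0) hits++;
    }
    return hits;
}

/* Constructed sample: a throwaway root with two planted artifacts, one of
   them a dangling symlink. Returns the number detected, or -1 on error. */
int jb_demo(void)
{
    char root[] = "/tmp/jbdemoXXXXXX", p[1024];
    int ok = 1;
    if (!mkdtemp(root) || jb_count_artifacts(root) != 0) return -1;
    snprintf(p, sizeof p, "%s/etc", root);      ok &= mkdir(p, 0700) == 0;
    snprintf(p, sizeof p, "%s/etc/apt", root);  ok &= mkdir(p, 0700) == 0;
    snprintf(p, sizeof p, "%s/bin", root);      ok &= mkdir(p, 0700) == 0;
    snprintf(p, sizeof p, "%s/bin/bash", root); ok &= symlink("/nonexistent", p) == 0;
    return ok ? jb_count_artifacts(root) : -1;
}

int main(void) { printf("planted artifacts detected: %d\n", jb_demo()); return 0; }
```

A check like this gives one signal to feed into the app's further security measures; the article's point about detection on multiple levels applies because a file test covers only one of them.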

