By 
Tech giant Apple has issued an emergency fix in iOS 12.4.1 that addresses a susceptibility that opened iPhones to jailbreaks.
The company has issued an emergency patch fixing a kernel susceptibility – for the second time – after it was inadvertently unpatched in iOS 12.4.
The fault (CVE-2019-8605), a use-after-free issue existing in the kernel, could allow a malicious application to implement random code with system privileges in up-to-date iOS devices. What’s worse is that the fault allows phones to be jailbroken — and a public breakout was issued last week to benefit from it on phones running the latest version of iOS.
“A malicious application may be able to execute arbitrary code with system privileges,” according to Apple’s newest iOS patch, iOS 12.4.1, released on Monday. “A use after free issue was addressed with improved memory management.”
The issue of public breakouts — a method to escape Apple’s limitations on what apps and code can run on the iPhone – are uncharacteristic, particularly for up-to-date phones. Jailbreaks are valuable for those wanting to install custom code, add features or do security research outside the limit of the Apple ecosystem – but can also reveal phones to spyware and malware attacks.
Apple repaired the susceptibility in a previous May update, but its most recent working system update, iOS 12.4, unintentionally unpatched the fix. Then, on Aug. 18 a hacker under the codenamed “Pwn20wnd” on Github released numerous perfected jailbreaks for the latest version of iOS, based on SockPuppet.
“Pwn20wnd,” who was also accredited in Apple’s Monday update, on Twitter established the patch.
Apple also issued updates for macOS Mojave and tvOS addressing the kernel susceptibility.
