Reportedly apple users are being warned to exercise particular caution over their cyber security for the next few days, after the company mistakenly reopened a security flaw in the latest version of iOS. In iOS 12.4, released last month, apple fixed numerous security bugs as well as enabling support for the apple Card in the US. But in doing so, the company accidentally reversed a security fix it had previously patched in iOS 12.3 at the end of April.
That vulnerability, discovered by Google’s bug-hunting team Project Zero, theoretically allows “a malicious application to execute arbitrary code with system privileges”. In other words, if exploited, a malicious application can gain complete control over an iPhone a dream for hackers and spies the world over. Such a public, un-patched vulnerability is rare in iOS.
Generally, the value of “jailbreaks”, as they are known since they also allow users to install unauthorized apps on their own phones is so high to nation states and others that they fight to keep them secret for as long as possible. The last time the newest version of iOS was open to jail break vulnerability was back in 2015, for a period of just seven days.
