Developer Releases Font Changing App For iOS 16 Without Jailbreak

A developer named Zhuowei Zhang has shared a proof-of-concept app via Twitter that allows the default iOS fonts to be changed on iOS 16.1.2 and below. The app uses an iOS 16 exploit and doesn’t require a complete jailbreak.

Modern jailbreaking is night and day compared to the glory days. With that said, the scene is still active and many extremely competent individuals are still working on breaking iOS security and developing jailbreak tools and exploits.

This latest app from developer Zhuowei Zhang uses the CVE-2022-46689 exploit to overwrite Apple’s default font choice within the iOS ecosystem.

Because of the exploit used, the app is compatible with versions of iOS 16 below iOS 16.1.2. Apple has actually already patched the exploit mentioned above with the release of iOS 16.2, hence why the proof-of-concept app will not function on devices running iOS 16.2. By taking advantage of CVE-2022-4889 – which, incidentally, was discovered by Ian Beer of Google Project Zero – Zhang is able to inject his own code with kernel privileges into the iPhone 8 hardware and newer.

Rather than have an extensive app, Zhang has simply included a few additional fonts that can be used within the iOS ecosystem when this app is running. The developer has included DejaVu Sans Condensed, Serif, Mono, and, perhaps rather bizarrely, the Choco Cooky font that used to ship on certain Samsung smartphones. So, if you have an overwhelming desire to have the old Samsung font on your iPhone, you now can!

For those that may be worried about safety or the POC, or actually getting stuck with a random font, worry not! Zhang has also confirmed that all changes are simply removed and overwritten with each reboot of the device. It’s also worth noting that the app only changes fonts in certain parts of the iOS ecosystem as some parts utilize different fonts.

The source code and additional information for the WDBFontOverwrite proof-of-concept are hosted on Github.

You may also like to check out:

You can follow us on Twitter, or Instagram, and even like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple, and the Web.