iOS 10.3.2 Jailbreak Is Apparently Possible, Downgrade While Apple Is Still Signing The Firmware
Great news, folks: it seems that a jailbreak for iOS 10.3.2 is possible thanks to an exploit discovered and recently shared by Ian Beer of Google’s Project Zero team.
The news was posted by Jonathan Levin, well-known author and security researcher, confirming that the work carried out by Ian can actually be taken to a new level and turned into a functional developer-only jailbreak tool for iOS 10.3.2.
The work in question is what’s known as a libxpc vulnerability, which Apple patched in iOS 10.3.3 and which Ian has therefore now shared. With additional work carried out and put in place, the vulnerability would allow an application – which in this instance would be the jailbreak app – to install and run arbitrary code on the device with full system-level privileges. That access in itself is the perfect platform for someone with the correct knowledge to put together a tool that exploits the vulnerability.
With his post, Levin confirmed the situation and advised device owners to downgrade to iOS 10.3.2 from iOS 10.3.3 in preparation while Apple is still signing the older firmware:
If you’re at #iOS 10.3.3, downgrade to 10.3.2 while you can: Ian Beer’s awesome CVE-2017-7047 bit unstable, can be adapted to a dev #jailbreak.
As mentioned earlier, the post also confirms that the vulnerability can indeed be adapted into a “dev” jailbreak, which is where the only real area of contention lies. The wording would seem to suggest that an individual with the right expertise could actually put together a jailbreak solution that would only really be applicable to developers for testing and research purposes. Of course, the holy grail here is that we see something made available which actually is capable of being released to the wider public via an easy-to-use tool.
There’s also no word yet on whether or not Levin himself will create this jailbreak, or whether someone else will based on the info he has shared.
In any case, for those who are sitting on iOS 10.3.3 and who have been eagerly awaiting a new jailbreak, it’s definitely worthwhile taking the opportunity to fall back onto iOS 10.3.2 while Apple is still signing the firmware. You can find downgrade instructions here: How To Downgrade iOS 10.3.3 / 10.3.2 / 10.3.1 On iPhone Or iPad.
This particular vulnerability affects iPhone 5 and above as well as iPad 4th generation and higher, so there’s a good selection of devices which would be vulnerable.