New FaceTime Bug Discovered By Project Zero Team Patched In iOS 12.1, Could Be Used In iOS 12.0.1 Public Jailbreak
Natalie Silvanovich of the Google Project Zero team has discovered a new bug in Apple’s iOS and macOS platforms. The bug was first documented back on August 16th and lives within frameworks relating to Apple’s FaceTime functionality.
There has been a relative period of calm in the jailbreak community in recent times. Many people have been focusing on a hypothetical iOS 12 jailbreak and trying to garner information as to whether or not any prominent figures in the community are actually working on piecing something together.
In order for that to happen, someone from the security research world will need to come up with an exploitable bug that can actually give jailbreak developers the necessary privileges in order to escape Apple’s built-in security.
We’ve heard certain mumblings about bugs existing in pre-iOS 12.1 firmware, and this latest discovery from Natalie Silvanovich falls into that category. In this particular instance, the bug is a memory corruption issue in the VCPDecompressionDecodeFrame class, which lives within the FaceTime protocol handling in iOS and macOS.
The proof-of-concept that has been put together for the bug only works on a Mac but the discoverer of the bug has confirmed that the issue “appears” to also be present in iOS 11.3.1. The latest comment on the Chromium bug report of “This was fixed in last Tuesday’s update” also suggests that this bug could still be exploited up to iOS 12.0.1.
Of course, as you would expect, the jailbreak community is now up in arms with the belief that this discovery, and the work that has already been undertaken on it, could result in an iOS 12.0.1 public jailbreak being released in the imminent future. The worry here is that this is a bug which exists purely within the FaceTime protocol handling and therefore doesn’t give any access to, or the necessary privileges in, other areas of the system, which would limit its usefulness for an eventual public jailbreak.
All we can do is sit back, wait, and see if any developer involved in the world of jailbreaking takes up the challenge of seeing whether or not this can be utilized in one form or another. If interested, you can find out more about the bug here.