Pangu Team Details iOS 8.4.1 Vulnerabilities Patched In iOS 9
While it’s true that iOS 9 is soon to be the shipping version of iOS available for iPhones and iPads, iOS 8.4.1 is currently the latest version available for existing devices, and it’s likely to stay that way for at least one more week. If you keep up with jailbreak news then you probably remember the Pangu jailbreak team announced last month that it had found a way to jailbreak iOS 8.4.1 and even demonstrated a jailbreak for it. That was as far as things went while the team waited to see what Apple did with iOS 9. Today, that changed.
In a blog post on its web site, the Pangu team today outlined the exploits it likely used in order to make that iOS 8.4.1 jailbreak happen. Having previously said that it would wait to find out what Apple did with iOS 9, the team chose to disclose its exploits now following Apple’s closure of the loopholes used, with iOS 9 beta 5 (and later) no longer susceptible to the same exploit. With that being the case, there’s little reason to keep the exploit a secret, seeing as Apple already patched it.
In its blog post, the Pangu team manages to take something hugely complex and distil it down into something that normal folk will understand, but the upshot of it all is that Apple’s code in “com.apple.driver.AppleHDQGasGaugeControl” is particularly susceptible to being fiddled with for whatever reason, and that’s where the exploit was found. In fact, one of the holes found by the Pangu team opened up the possibility of code execution in the kernel itself which, apparently, is a very bad thing for Apple and a good thing for jailbreakers.
When all is said and done, this means nothing for iOS 9 and beyond, but it does show that Apple is plugging holes as quickly as they are being discovered.
Head on over to the Pangu Jailbreak Team’s site for the full blog post, it’s well worth your time to read.