Update: Cox stated that the bug is not useful for breaking into Apple devices. Hype over.
History may repeat itself. If you've been keeping up to date with the jailbreak community, you might know that Ian Beer's exploit, async_wake, has already been used to create a fully working jailbreak for iOS 11. Unfortunately, the exploit only supports up to iOS 11.1.2, a version many users missed out on or lost after problems with their devices, or after the smörgåsbord of jailbreak tools caused issues and forced restores.
A security researcher previously unknown to the jailbreak community, going by the name of Russ Cox, has been confirmed to have discovered a kernel-level exploit in iOS 11.2 up to 11.2.1. The credibility comes from the changelog of iOS 11.2.5, where Apple credited "Russ Cox of Google".
Cox states that the security vulnerability will be made public later and that he will "tweet a link" when he does release it. One part that's a little worrisome is the unenthusiastic tweet by Cox saying that the vulnerability is "honestly not that interesting".
This could mean a couple of things. It could mean either that it's far from the researcher's biggest achievements or that it's too weak to actually be useful for a jailbreak. The general assumption is the former, as Apple mentioned that the exploit is capable of executing code with kernel privileges, which is a very good thing for jailbreak development:
"A malicious application may be able to execute arbitrary code with kernel privileges"
Cox has been quiet about the case since the second reply; however, as the news blows up, we expect him to leave a full response regarding the matter. ModMy has reached out for comment regarding the situation, and the article will be updated if new information surfaces.
What are your thoughts? Excited to see a kernel-level exploit for iOS 11.2? Let us know what you think in the comments section below!