Apple patches two vulnerabilities in iOS 9.1 used by Pangu jailbreak
Compared to the previous two releases -- iOS 9.0.2 and 9.0.1 -- the latest iteration of iOS 9 brings more fixes and several enhancements including the one for multitasking UI and stability improvements for a bunch of services such as Music, Photos, Safari and more. Updating your compatible iPhone, iPad or iPod touch to this version should also resolve the activation error for some carrier networks. Here is the list of changes introduced in iOS 9.1
- Live Photos now intelligently senses when you raise or lower your iPhone, so that Live Photos will automatically not record these movements
- Over 150 new emoji characters with full support for Unicode 7.0 and 8.0 emojis
- Improved stability including CarPlay, Music, Photos, Safari, and Search
- Improved performance while in Multitasking UI
- Fixes an issue that could cause Calendar to become unresponsive in Month view
- Fixes an issue that prevented Game Center from launching for some users
- Resolves an issue that zoomed the content of some apps
- Resolves an issue that could cause an incorrect unread mail count for POP mail accounts
- Fixes an issue that prevented users from removing recent contacts from new mail or messages
- Fixes an issue that caused some messages to not appear in Mail search results
- Resolves an issue that left a gray bar in the body of an Audio Message
- Fixes an issue that caused activation errors on some carriers
- Fixes an issue that prevented some apps from updating from the App Store
Along with these, Apple has patched some security flaws in iOS 9.1, owing credits to the Pangu team for discovering them. The document describing the security contents of iOS 9.1 mentions two vulnerabilities used by Pangu jailbreak. Here are the vulnerabilities:
configd
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to elevate privileges
Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients.
CVE-ID
CVE-2015-7015 : PanguTeam
GasGauge
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-6979 : PanguTeam
Needless to say, those who are running an untethered version of jailbreak, recently introduced by Pangu, should avoid updating to iOS 9.1, as there is no jailbreak for this version. In case you have accidentally installed the new software, you might consider a downgrade to iOS 9.0.2 before Apple closes the signing window for this firmware. Head over here to know more about the security content in iOS 9.1.
© Copyright IBTimes 2024. All rights reserved.