Apple Releases iOS 6.1.3 Update to Kill Evasi0n Jailbreak
Apple Releases iOS 6.1.3 Update to Kill Evasi0n Jailbreak

Much to the dismay of the jailbreak community, Apple has released its latest iOS 6.1.3 software update which kills the highly accredited evasi0n untethered jailbreak for iOS 6. As feared, the latest iOS update contains patches for at least four out of five exploits used in the popular iOS 6.x jailbreak.

As iDownloadBlog notes, renowned iOS hacker and developer MuscleNerd's recent Twitter update points out that the iPhone maker has credited the evad3rs Dream Team with the discovery of four out of six security flaws that were patched in the latest update. The jailbreak developer community has strongly advised its users to stay away from the new iOS update to protect their existing jailbreak, along with associated tweaks and apps. Accordingly, jailbreak users should save their SHSH blobs, use safe mode and stay away from iOS 6.1.3 update until further notice from the evad3rs Dream Team.

Earlier in February, David Wang (aka planetbeing) revealed that at least two critical vulnerabilities found in evasi0n jailbreak were fixed in the iOS 6.1.3 beta 2 update. In the recent shared e-mail link from Apple Product Security, the veteran hacker MuscleNerd reveals the fix released by Apple to break at least six security flaws found in iOS 6.1.3, out of which only four have been used by evasi0n jailbreak.

Here is the complete list of security flaws (with description) that have been reportedly patched in the newly released iOS 6.1.3 update:

dyld

Available for: iPhone 3GS and later,

iPod touch (4th generation) and later, iPad 2 and later

Impact: A local user may be able to execute unsigned code

Description: A state management issue existed in the handling of

Mach-O executable files with overlapping segments. This issue was

addressed by refusing to load an executable with overlapping

segments.

CVE-ID

CVE-2013-0977 : evad3rs

Kernel

Available for: iPhone 3GS and later,

iPod touch (4th generation) and later, iPad 2 and later

Impact: A local user may be able to determine the address of

structures in the kernel

Description: An information disclosure issue existed in the ARM

prefetch abort handler. This issue was addressed by panicking if the

prefetch abort handler is not being called from an abort context.

CVE-ID

CVE-2013-0978 : evad3rs

Lockdown

Available for: iPhone 3GS and later,

iPod touch (4th generation) and later, iPad 2 and later

Impact: A local user may be able to change permissions on arbitrary

files

Description: When restoring from backup, lockdownd changed

permissions on certain files even if the path to the file included a

symbolic link. This issue was addressed by not changing permissions

on any file with a symlink in its path.

CVE-ID

CVE-2013-0979 : evad3rs

USB

Available for: iPhone 3GS and later,

iPod touch (4th generation) and later, iPad 2 and later

Impact: A local user may be able to execute arbitrary code in the

kernel

Description: The IOUSBDeviceFamily driver used pipe object pointers

that came from userspace. This issue was addressed by performing

additional validation of pipe object pointers.

CVE-ID

CVE-2013-0981 : evad3rs

Although Wang has hinted that there are still enough bugs left to be exploited in the latest iOS update, it is unlikely that the Dream Team would release another major iOS 6 jailbreak anytime soon.

"We'll probably wait until the next major release," says Wang.

Jailbreak users can now protect their existing jailbreak by installing a number of Cydia tweaks, using the video tutorials below (courtesy of Daily iPhone Blog):

However, non-jailbreak users can install the iOS 6.1.3 update and enjoy the fix for Lock screen bug and enhancements to Maps app for Japanese users.

Here is the official direct download links for iOS 6.1.3 update for all the supported devices:

IPhone Twitter IPad IPod