iOS 8.2 jailbreak: Security patch in new release fixes MobileStorageMounter for TaiG
Apple has just released iOS 8.2 for compatible iPhone, iPad and iPod touch models. The release introduces support for Apple Watch, improvements to the health app and increased stability. It also has an array of bug fixes.
Apple has posted a document on its support site describing the security content of iOS 8.2. According to the release note, iOS 8.2 patches the security flaws including CoreTelephony, iCloud Keychain, IOSurface, MobileStorageMounter, Secure Transport and Springboard. The update also patches the MobileStorageMounter (CVE-2015-1062: TaiG Jailbreak Team), which is for the TaiG jailbreak team.
Check out the following descriptions for the security patches in iOS 8.2.
CoreTelephony
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A remote attacker can cause a device to unexpectedly restart
Description: A null pointer dereference issue existed in CoreTelephony's handling of Class 0 SMS messages. This issue was addressed through improved message validation.
CVE-ID
CVE-2015-1063: Roman Digerberg, Sweden
iCloud Keychain
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker with a privileged network position may be able to execute arbitrary code
Description: Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-1065: Andrey Belenko of NowSecure
IOSurface
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A type confusion issue existed in IOSurface's handling of serialized objects. The issue was addressed through additional type checking.
CVE-ID
CVE-2015-1061: Ian Beer of Google Project Zero
MobileStorageMounter
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to create folders in trusted locations in the file system
Description: An issue existed in the developer disk mounting logic which resulted in invalid disk image folders not being deleted. This was addressed through improved error handling.
CVE-ID
CVE-2015-1062: TaiG Jailbreak Team
Secure Transport
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker with a privileged network position may intercept SSL/TLS connections
Description: Secure Transport accepted short ephemeral RSA keys, usually used only in export-strength RSA cipher suites, on connections using full-strength RSA cipher suites. This issue, also known as FREAK, only affected connections to servers which support export-strength RSA cipher suites, and was addressed by removing support for ephemeral RSA keys.
CVE-ID
CVE-2015-1067: Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of Prosecco at Inria Paris
Springboard
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A person with physical access to the device may be able to see the home screen of the device even if the device is not activated
Description: An unexpected application termination during activation could have caused the device to show the home screen. The issue was addressed through improved error handling during activation.
CVE-ID
CVE-2015-1064
iOS hacker, Stefan Esser, commonly known as i0n1c, has tweeted that the iOS 8.2 security update has fixed another exploit used in TaiG jailbreak. He mentions that Apple has been trying to fix these vulnerabilities but some of its key elements the jailbreakers rely are yet to be fixed.
Apple mentions in the iOS 8.2 security update that they fixed another TAIG bug. Does that mean there won't be a new iOS jailbreak tonight?
— Stefan Esser (@i0n1c) March 9, 2015
@i0n1c Just how well did they actually fix DDI this time? They tried fixing it how many times? x)
— iH8sn0w (@iH8sn0w) March 9, 2015
@iH8sn0w @i0n1c got a direct link to advisories, the usual page is not updated yet https://t.co/pHLBTdgvR1
— Joe Chip (@j0echip) March 9, 2015
@ih8sn0w well they TRY fixing a lot lately. But some key vulnerabilities the jailbreaks rely on for 16 months now are not fixed at all.
— Stefan Esser (@i0n1c) March 9, 2015
At present there is no update from the Chinese jailbreak team, TaiG, which last month released a new update version 1.3.0 to their untethered jailbreak tool, adding support for iOS 8.2 beta 1 and 2 (Windows only).
Meanwhile, MuscleNerd, one of the members of the iPhone dev team has advised the jailbreak community not to update to iOS 8.2.
Jailbreakers stay away from today’s 8.2 update for now, or you will get burned http://t.co/QeZd5Il3vf
— â“‚ MuscleNerd (@MuscleNerd) March 9, 2015
The 8.2 bug fixes are up at https://t.co/UYZ896zXBv . That "reboot-via-SMS" bug would have been messy if an exploit were widely deployed
— â“‚ MuscleNerd (@MuscleNerd) March 9, 2015
© Copyright IBTimes 2024. All rights reserved.
