iOS 6 Jailbreak Emerges As Apple Patches Mac OS X

A jailbreak has finally emerged for iOS 6, covering the latest release of the mobile operating system and the iPhone 5, whilst Apple has released a security update for another one of its major products. Mac OS X.

Hackers have been working hard to open Apple’s walled-off iOS to run non-approved software, but, until this week, to no avail. Security experts said that iPhone users are not in danger of having their phones jailbroken when they aren’t looking:  it requires an iOS device to be both unlocked and connected via USB to a PC. There is, however, a possibility that malware from a PC could conceivably jailbreak a connected phone and do nasty things.

Fresh jailbreak

A new tool called “evasi0n” does the nitty gritty of the jailbreak. “All of the stages use functionality on the phone exposed by MobileBackup, the daemon used to backup user data from the device, and restore backups back to the device,” explained security company Accuvant Labs, in a blog post.

“Since backups are created by the user’s device, and must be interchangeable between devices, they cannot be easily cryptographically signed, so they are essentially untrusted data.

“Evasi0n is interesting because it escalates privileges and has full access to the system partition all without any memory corruption.”

The creators of the tool recommended users backup their device using iTunes or iCloud, before running evasi0n. Users who want the jailbreak have to disable the lock passcode of their OS device. The whole process should only take five minutes and is currently compatible with Windows XP and upwards, Mac OS X 10.5 and upwards and Linux systems.

Given how quickly Apple has moved in the past to shut off jailbreak functionality, keen users might want to get moving now.

Meanwhile, Apple has addressed three flaws in the server platform it distributes with Mac OS X. All three could have allowed a remote attacker to execute code on a target system.

Two of the flaws related to an issue in how Ruby on Rails handled XML parameters, Apple said in its advisory. Another related to a problem with Ruby on Rails’ handling of JSON (JavaScript Object Notation) data.

How well do you know Apple? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

View Comments

  • This is because Evasi0n is too clever... come on; redsnow, green posion, black rain and even jayfreeman (saurik) helped or supported the evasion team...

Recent Posts

Google Warns Of Italian Spyware On Apple, Android Phones

Italian company's hacking tools have been used to spy on Apple, Android smartphones in Italy…

2 days ago

Intel Signals Delay To Ohio Factory Over US Chips Act Dispute

Chip maker warns new factory in Columbus, Ohio could be delayed or scaled back, over…

2 days ago

Silicon UK In Focus Podcast: Sustainable Business

How do sustainable businesses use technology to innovate? And as businesses want to connect sustainability…

2 days ago

Australia Fines Samsung Over Water-Resistance Claims

Samsung rapped over the knuckles by Australian regulator because of 'misleading' Galaxy smartphone water-resistance claims…

3 days ago

Amazon Reveals Alexa Option To Mimic Any Person’s Voice

Bereavement aid for those in mourning? Amazon's Alexa voice assistant could be programmed to sound…

3 days ago