“The iOS 12.4 update reintroduced a publicly available jailbreak that could allow attackers to take malicious actions on certain devices.”
Apple has stopped the code signing process of its iOS 12.4 update, which accidentally reintroduced a previously patched jailbreak bug that allowed attackers and hackers to build a jailbreak for the iPhone and install backdoors and other malicious elements to steal data or remotely lock down devices. The update comes after Apple introduced the incremental iOS 12.4.1 update that seemingly patched the vulnerability, restoring the sanctity of iOS safety standards to an extent.
Code signing is an essential process that developers follow in order to authenticate the credentials of software. Through code signing, the author or creator of the software in question digitally signs executable files and scripts, signifying that they are free of bugs and has not been altered or tampered with by third party entities since it was signed. Code signing is an important part of software authentication, since it authenticates the validity of software in the long run, signifying that it is genuine, not corrupted and safe to be accessed by developers and users.
The iOS 12.4 update in question accidentally reintroduced the jailbreak due to a bug overlook by Apple. With this jailbreak, users with malicious intent could have very easily taken advantage by installing malicious elements within the code that could, for instance, read sensitive user data, and collect it for various nefarious activities. Ironically, iOS 12.4 also patched previous vulnerability that could have given attackers remote access in order to create threats. As of now, the iOS 12.4.1 update has been patched, and no bugs on this version have been reported yet.
Apple, which is typically known to be consistent with software updates and security standards, has faced a considerable amount of issues with its iOS updates, in the recent past. A series of iOS 12 updates in the earlier months led to broken network connectivity for users, all of which Apple subsequently struggled to fix swiftly. With these issues now ironed out, Apple will turn its focus to iOS 13, which will be introduced to eligible users starting September 19th.