Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Apple Fixes Jailbreak Vulnerabilities With Release of iOS 8.1.1

Apple’s first update for the iOS 8.1 mobile operating system includes bug fixes, increased stability and performance improvements for older devices, and also addresses several security issues.

Apple’s first update for the iOS 8.1 mobile operating system includes bug fixes, increased stability and performance improvements for older devices, and also addresses several security issues.

iOS 8.1.1 fixes a total of 9 vulnerabilities affecting components such as the CFNetwork framework, the dyld dynamic link editor, the kernel, the lock screen, sandbox profiles, the search system Spotlight, and the browser engine WebKit.

The CFNetwork flaw (CVE-2014-4460) caused browsing data to remain in the cache after closing a private browsing session. Ashkan Soltani has discovered that a user’s approximate location is included in the initial connection between Spotlight or Safari and the Spotlight Suggestions server (CVE-2014-4453).

iPhone Security UpdatesTwo lock screen security bugs have been addressed with the release of iOS 8.1.1. Stuart Ryan of the University of Technology, Sydney noticed that an attacker with physical access to a device could exceed the maximum number of failed passcode attempts (CVE-2014-4451). Researchers also found a lock screen issue that could have been leveraged to access content in the Photo Library (CVE-2014-4463).

Memory corruption vulnerabilities in WebKit (CVE-2014-4452, CVE-2014-4462), which could have led to arbitrary code execution or unexpected application termination, have also been fixed by Apple.

The other three vulnerabilities have been uncovered by the Pangu Team, a Chinese group that specializes in jailbreaking iOS.  According to Apple, the sandbox profiles flaw (CVE-2014-4457) can be exploited to launch arbitrary binaries on a trusted device, the kernel vulnerability (CVE-2014-4461) can be used by a malicious application to execute arbitrary code with system privileges, while the dyld bug (CVE-2014-4455) can be leveraged by a local user to execute unsigned code.

These vulnerabilities have been used by the Pangu Team in their jailbreak. The hackers confirmed that their jailbreak no longer works since Apple released iOS 8.1.1 for developers.

Advertisement. Scroll to continue reading.

Earlier this month, researchers at security firm FireEye revealed the existence of an iOS vulnerability that can be leveraged to replace genuine applications with illegitimate apps. A limited form of this attack, which FireEye dubbed “Masque,” was used by the recently uncovered WireLurker malware, a threat that is believed to have infected the devices of hundreds of thousands of users in China.

The malware, whose alleged developers were arrested by Chinese authorities last week, had been distributed via rogue Mac OS X applications. The threat transferred malicious iOS apps onto devices connected to the infected computer through the USB port. WireLurker had leveraged a form of the Masque attack to target devices through USB.

Apple took some steps to protect its customers against WireLurker shortly after the existence of the threat came to light. However, the vulnerability used in Masque attacks, which FireEye reported to Apple in July 26, has not been fixed. The flaw affects iOS 7.1.1, 7.1.2, 8.0, 8.1 and apparently 8.1.1.

 

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.