Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Apple Fixes Jailbreak Vulnerabilities With Release of iOS 8.1.1

Apple’s first update for the iOS 8.1 mobile operating system includes bug fixes, increased stability and performance improvements for older devices, and also addresses several security issues.

Apple’s first update for the iOS 8.1 mobile operating system includes bug fixes, increased stability and performance improvements for older devices, and also addresses several security issues.

iOS 8.1.1 fixes a total of 9 vulnerabilities affecting components such as the CFNetwork framework, the dyld dynamic link editor, the kernel, the lock screen, sandbox profiles, the search system Spotlight, and the browser engine WebKit.

The CFNetwork flaw (CVE-2014-4460) caused browsing data to remain in the cache after closing a private browsing session. Ashkan Soltani has discovered that a user’s approximate location is included in the initial connection between Spotlight or Safari and the Spotlight Suggestions server (CVE-2014-4453).

iPhone Security UpdatesTwo lock screen security bugs have been addressed with the release of iOS 8.1.1. Stuart Ryan of the University of Technology, Sydney noticed that an attacker with physical access to a device could exceed the maximum number of failed passcode attempts (CVE-2014-4451). Researchers also found a lock screen issue that could have been leveraged to access content in the Photo Library (CVE-2014-4463).

Memory corruption vulnerabilities in WebKit (CVE-2014-4452, CVE-2014-4462), which could have led to arbitrary code execution or unexpected application termination, have also been fixed by Apple.

The other three vulnerabilities have been uncovered by the Pangu Team, a Chinese group that specializes in jailbreaking iOS.  According to Apple, the sandbox profiles flaw (CVE-2014-4457) can be exploited to launch arbitrary binaries on a trusted device, the kernel vulnerability (CVE-2014-4461) can be used by a malicious application to execute arbitrary code with system privileges, while the dyld bug (CVE-2014-4455) can be leveraged by a local user to execute unsigned code.

These vulnerabilities have been used by the Pangu Team in their jailbreak. The hackers confirmed that their jailbreak no longer works since Apple released iOS 8.1.1 for developers.

Advertisement. Scroll to continue reading.

Earlier this month, researchers at security firm FireEye revealed the existence of an iOS vulnerability that can be leveraged to replace genuine applications with illegitimate apps. A limited form of this attack, which FireEye dubbed “Masque,” was used by the recently uncovered WireLurker malware, a threat that is believed to have infected the devices of hundreds of thousands of users in China.

The malware, whose alleged developers were arrested by Chinese authorities last week, had been distributed via rogue Mac OS X applications. The threat transferred malicious iOS apps onto devices connected to the infected computer through the USB port. WireLurker had leveraged a form of the Masque attack to target devices through USB.

Apple took some steps to protect its customers against WireLurker shortly after the existence of the threat came to light. However, the vulnerability used in Masque attacks, which FireEye reported to Apple in July 26, has not been fixed. The flaw affects iOS 7.1.1, 7.1.2, 8.0, 8.1 and apparently 8.1.1.

 

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.