Today Apple released two new iOS updates, the iOS 17.0.1 with build number 21A340 and the iOS 17.0.2 update with build number 21A350.
The iOS 17.0.1 update is available for all supported iOS 17 devices except for iPhone 15. For the iPhone 15 models, iOS 17.0.2 is now available. You cannot install iOS 17.0.2 on devices older than iPhone 15.
iOS 17.0.1 and iOS 17.0.2 changelog
The changelog for both iOS 17.0.1 and iOS 17.0.2 contains security patches for 3 major vulnerabilities that appear to have been exploited in the wild:
- Kernel: CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
- WebKit: CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
- Security: CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
The “Security” vulnerability states “A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7“.
It might be possible to implement something like Trollstore using this vulnerability!
iOS 16.7 changelog
The iOS 16.7 update patches the exact same vulnerabilities as iOS 17.0.1 and iOS 17.0.2, however, this update is meant for people who use devices that are not compatible with iOS 17.
Those devices are stuck on iOS 16 so Apple decided to push an iOS 16 build to fix these issues. This goes to show that the vulnerabilities may be a part of a powerful exploit chain used by threat actors.
The changelog of iOS 16.7 mentions “Additional CVE entries coming soon”. This could hint at even more vulnerabilities patched but not yet published.
If you’re interested in securing your device and do not care about jailbreaking, definitely update as soon as possible. For jailbreak enthusiasts, this is pretty good news!
More iDevice Central guides
- iOS 17 Jailbreak RELEASED! How to Jailbreak iOS 17 with PaleRa1n
- Download iRemovalRa1n Jailbreak (CheckRa1n for Windows)
- Dopamine Jailbreak (Fugu15 Max) Release Is Coming Soon for iOS 15.0 – 15.4.1 A12+
- Cowabunga Lite For iOS 16.2 – 16.4 Released in Beta! Install Tweaks and Themes Without Jailbreak
- Fugu15 Max Jailbreak: All Confirmed Working Rootless Tweaks List
- iOS 14.0 – 16.1.2 – All MacDirtyCow Tools IPAs
- iOS Jailbreak Tools for All iOS Versions