0:00
what's going on youtube geosnowright
0:02
here today we're talking about a brand
0:03
new vulnerability that was released in
0:05
the wild that could be usable for a
0:07
jailbreak because according to the
0:09
security researchers who have released
0:10
it it was patched on 15.4 and it works
0:13
on ios 2. this video is brought to you
0:15
by any translate software that allows
0:17
you to drag and drop files directly from
0:18
your computer to your device and manage
0:20
your photos music videos and so on check
0:22
it out in the link below also thank you
0:24
to the patrons who are supporting this
0:26
channel on patreon they're right now on
0:28
your screen so cyberadvising posted a
0:30
couple of days ago quote cve 2022 22639
0:35
the issue is fixed on ios 15.4 and ipad
0:38
os 15.4 mac os monterey 12.3 and an
0:41
application may be able to gain elevated
0:43
privileges proof of concept available
0:45
here on github and yes they did post it
0:47
but the proof of concept is for mac os
0:50
now there's also a page here mac os su
0:52
helper root privilege escalation
0:54
vulnerability a deep dive into this
0:56
vulnerability and it's basically
0:57
explaining everything in here and of
0:59
course people naturally tagged me into
1:01
this as you can see over here and asked
1:03
me about it and so on well according to
1:05
them this works on ios as well and if
1:08
you go ahead here on the security
1:09
content of the ios 15.4 they do actually
1:13
mention that here too you can see it in
1:15
here in software update is the same cve
1:18
number by mickey and says in here an
1:20
application may be able to gain elevated
1:22
privileges and it's available on iphone
1:23
6s and newer so yes it appears that this
1:26
vulnerability was indeed present on ios
1:29
as well even though the write up itself
1:31
only covers macos and even the proof of
1:34
concept seems to be made for mac os as
1:36
well but yes the vulnerability appears
1:38
to be in ios as well and it might be
1:40
exploitable now according to apple this
1:43
issue is in software update and it says
1:45
that an application may be able to gain
1:47
elevated privileges not exactly a huge
1:50
kernel exploit or anything like that but
1:52
it could prove useful so for now for
1:54
those of you who are asking me whether
1:55
you should update or do anything like
1:57
that this was patched in 15.4 which
2:00
means that 15.3.1 15.3 15.2.1 basically
2:04
all the way down to 15.0 should be
2:06
vulnerable to this but 15.4 and 15.4.1
2:10
which is currently signed shouldn't so
2:12
if you're running 15.3.1 definitely do
2:14
not update further but if you're writing
2:16
15.3.1 there might be other
2:18
vulnerabilities as well that will be
2:20
released soon and for 15.3 15.2.1 and
2:24
stuff like that there are
2:25
vulnerabilities but yeah it's unknown
2:26
for the moment whether this one will be
2:28
usable for a jailbreak or not it doesn't
2:30
seem to be very powerful in my opinion
2:33
but i could definitely be wrong it could
2:35
be usable for uncover or taurine we
2:37
don't know for the moment but the
2:38
vulnerability is indeed present on ios
2:41
so if you're running any of the
2:42
vulnerable versions for example 15.3.1
2:45
or older definitely stay as low as
2:47
possible it's always a good practice to
2:48
stay as low as possible so yeah
2:50
definitely an interesting release we
2:52
don't know what's going to be about it
2:53
for now whether developers will use it
2:55
for a jailbreak or not but definitely
2:57
stay as low as possible that's the best
3:00
advice i can give you because you never
3:02
know thank you for watching i am just
3:03
now till the next time subscribe to stay
3:05
updated and peace out
