0:00
what's going on YouTube gs right here so
0:02
Apple patched a very important iOS
0:05
vulnerability in iOS 18.4.1 in fact two
0:08
of them are patched in here if you check
0:10
out the security content for iOS 18.4.1
0:13
however one of them is actually quite
0:15
critical the one in our pack over here
0:18
says impact an attacker with arbitrary
0:20
read and write capability may be able to
0:23
bypass pointer authentication apple is
0:25
aware of a report that this issue may
0:27
have been exploited in an extremely
0:28
sophisticated attack against specific
0:31
targeted individuals on iOS the issue
0:33
was addressed by removing vulnerable
0:35
code so for those of you running on iOS
0:37
18.4 18.3 anything older than this
0:41
essentially your device is vulnerable to
0:43
a very sophisticated attack that could
0:45
potentially excfiltrate data out of your
0:48
device now what actually drew me to this
0:50
change log over here is that the
0:52
vulnerability itself may be able to
0:54
bypass pointer authentication now
0:56
pointer authentication is something that
0:58
most necessarily has to be bypassed if
1:01
you want to create a jailbreak and for
1:03
the people who are in the iOS jailbreak
1:05
community this is actually quite
1:07
important you cannot build a jailbreak
1:09
for the newer modern devices like the
1:12
iPhone 16 15 and so on without bypassing
1:14
the pointer authentication code and in
1:16
fact there hasn't been a jailbreak
1:18
available in a long time especially for
1:20
iOS 17 and 18 and the pointer
1:22
authentication codes is a security
1:25
feature that is responsible for at least
1:27
a part of this lack of jailbreaking this
1:28
definitely looks like a very powerful
1:30
vulnerability that could potentially be
1:32
useful for jailbreak purposes as well if
1:34
released now there is another one in
1:36
core audio as well which is intriguing
1:38
to say the least it says impact
1:40
processing an audio stream in a
1:42
maliciously crafted media file may
1:44
result in code execution apple is aware
1:46
of a report that the issue may have been
1:48
exploited an extremely sophisticated
1:50
attack against specific targeted
1:52
individuals on iOS a memory corruption
1:54
issue was addressed with improved bounds
1:56
checking and this one is credited to
1:58
Apple and the Google threat analysis
2:00
group so it looks like these two
2:01
vulnerabilities over here were actually
2:04
in pair they were actually used in the
2:06
same exploit chain in order to
2:07
exfiltrate files very likely so this is
2:10
most likely used in spyware against some
2:12
people however the great thing is that
2:15
for the Jailbreak community this is
2:16
great news this could mean that these
2:18
more abilities are strong enough for
2:20
jailbreak purposes especially this one
2:21
with the pointer authentication i don't
2:23
know if this gets released it could be
2:25
very interesting however at the same
2:26
time it means that for those of you who
2:28
are running a lower version your device
2:31
is suddenly vulnerable you may not be
2:32
one of those uh targeted individuals at
2:35
the moment however you never know who
2:37
finds this vulnerabilities and pairs
2:39
them up in order to create a similar
2:41
spyware and to target more people than
2:43
those individuals that were initially
2:45
targeted by god knows who so it's a
2:47
great idea if you're not interested in
2:49
jailbreaking go ahead right away update
2:52
iOS 18.4.1 the iOS 18.4.1 does patch
2:56
those vulnerabilities so it's great to
2:58
see that those have been patched
3:00
speaking of vulnerabilities though if
3:01
you want to learn how to build your own
3:03
iOS exploits and find your own iOS
3:05
vulnerabilities whether for jailbreak
3:07
purposes or if you want to do security
3:08
research and find this kind of
3:10
vulnerabilities on iOS the 8K sec
3:12
academy has a great course called
3:14
offensive iOS internals you can check it
3:16
out down below there will be a link and
3:18
this one goes in depth on the iOS
3:20
architecture its security features and
3:22
so on so definitely check it out below
3:24
you can also find the latest jailbreaks
3:26
for iOS here on idcentral.com link will
3:28
be below on the Jailbreak tools page and
3:30
you can see which tools are available
3:32
for what iOS versions but yeah pretty
3:34
nasty set of vulnerabilities patched in
3:36
18.4.1 don't know what will come from
3:38
that for the Jailbreak community however
3:40
these do look very powerful more
3:42
powerful than other vulnerabilities I
3:44
have seen so far so yeah thank you for
3:46
watching i am GS Snow peace out
