0:00
what's coming on youtube gsm right here
0:02
today i have some great news for those
0:03
of you waiting for a jailbreak on ios
0:05
15.2 15.1 15.0 and so on so a brand new
0:09
vulnerability has been already released
0:11
but also there are multiple that might
0:13
get released because they are part of
0:14
the new security content so if you take
0:16
a look here on my website the ios 15.3
0:18
is now signed it's been released a
0:20
couple of days ago and it contains a
0:22
couple of security changes which are
0:23
available over here there is one in
0:25
ColorSync, Crash Reporter, iCloud but the
0:28
most important ones are the one in the
0:30
IOMobileFrameBuffer yes IOMobileFrameBuffer
0:32
again in the spotlight and
0:35
the kernel which are both here the
0:37
kernel one is by peter nguyen and of
0:39
course the mobile frame buffer one is by
0:41
this person here who has posted quote my
0:43
first 2022 cve is ios kernel arbitrary
0:47
code execution in IOMobileFrameBuffer
0:49
and it actually seems that this
0:50
vulnerability was already released over
0:52
here which of course is just a proof of
0:54
concept but still a very good place to
0:57
start now we're going to touch on
0:58
whether these are good for unc0ver or
1:00
taurine but first ios 15.3 ios 15.3 is a
1:03
bad idea for jailbreak purposes
1:05
especially with all these patches and if
1:07
you combine that with the patches on
1:09
15.2.1 which is basically just one over
1:12
here but still another patch you get a
1:14
pretty bad combo so it would be a bad
1:16
idea to update to 15.3 or 15.2.1 for
1:19
the moment now 15.2 itself also isn't
1:22
very good it does patch a lot of
1:24
vulnerabilities however it seems that
1:26
there is hope 15.2 does have apparently
1:29
a kernel vulnerability we could use and
1:31
then the IOMobileFrameBuffer
1:32
vulnerability that was already released
1:34
now the interesting thing about the
1:36
IOMobileFrameBuffer vulnerability it
1:37
says in here quote a malicious
1:38
application may be able to execute
1:40
arbitrary code with kernel privileges
1:42
and apple is aware of a report that the
1:44
issue may have been actively exploited
1:46
so usually what this means is that some
1:48
threat actor hacker whatever over there
1:51
has used this against people against
1:53
journalists or against i don't know any
1:55
other people who are in an official
1:57
position and stuff like that so it's not
1:58
necessarily a new vulnerability it's
2:00
been known in certain private circles
2:03
for a while now we got to take a look at
2:04
it is this one here it's just a proof of
2:06
concept not an exploit itself but with
2:09
this we can start creating an exploit
2:10
which as the security content over here
2:12
says and the person who found the
2:14
vulnerability says this one is an ios
2:16
kernel arbitrary code execution which of
2:19
course is great for unc0ver or taurine
2:21
because that's exactly what these kinds of
2:22
jailbreaks are built on these kinds of
2:24
exploits which allow them to modify the
2:26
kernel memory so right now if you're
2:28
waiting for a jailbreak desperately and
2:30
you want it very very fast the best
2:32
thing you can do is to stay as low as
2:34
possible now usually that's the best
2:36
thing you can do in any situation with
2:37
jailbreaking but right now more than
2:39
ever because 15.3 patches these
2:42
vulnerabilities as you can see over here
2:43
and not only these there are a couple of
2:45
webkit ones as well in fact many of them
2:47
which could be useful but we don't know
2:49
for now and 15.2.1 patches just one
2:52
vulnerability this one in homekit which
2:54
doesn't exactly look very useful it's
2:56
just a denial of service basically
2:57
making the homekit application crash or
2:59
the whole device crash i doubt this one
3:02
can be used for jailbreak purposes but
3:03
still not a good idea to update to
3:05
15.2.1 either unless you do use homekit
3:08
and this is a bug that actually affects
3:10
you so right now i would say stay below
3:12
15.2 if you can 15.1.1
3:17
zero point one and even 15.0
3:19
are all good however if you can
3:21
stay on ios 14.8 or lower that's perfect
3:24
stay there do not update for the moment
3:26
because even with such vulnerabilities
3:28
and even if a full exploit is released both
3:30
unc0ver and taurine will have to figure
3:32
out the rootfs being sealed and how to
3:34
get around that which is of course an
3:36
ios 15 issue only so yeah there's that
3:39
that's currently what's going on a brand
3:41
new vulnerability the patch log shows
3:43
multiple yet to come so definitely be
3:45
patient and subscribe to the channel for
3:47
more information if you want to support
3:48
what i'm doing there is a patreon link
3:50
in the cards up there or in the links
3:52
below if you want to donate a dollar to
3:53
keep the channel running thank you for
3:55
watching i am just now peace out