0:00
what's going on youtube gs9 here so in
0:02
today's video we're talking about a new
0:04
vulnerability the release of ios 15.3.1
0:07
and of course the update to the sep and
0:09
baseband compatibility chart for
0:11
downgrade purposes so if you're
0:13
interested in jailbreaking this video is
0:14
for you but before we get into that
0:16
thanks to all the people who are
0:17
supporting this channel on patreon they
0:19
are right now on your screen so let's
0:21
get straight into the video so for those
0:23
of you who are unaware three days ago or
0:25
so apple released 15.3.1 the build
0:28
number 19 d52 so right now ios 15.3 and
0:32
15.3.1 are signed so this update here is
0:36
available for all devices and it patches
0:38
only one important vulnerability a
0:40
webkit one so basically something
0:42
related to safari the general web engine
0:44
behind it so it says in here ios 15.3.1
0:47
and ipad os 15.3.1 it's a webkit
0:50
vulnerability and it says processing a
0:52
maliciously crafted web content may lead
0:54
to arbitrary code execution we like that
0:56
apple is aware of a report that this
0:58
issue may have been actively exploited
1:00
that's something we don't like we're
1:02
going to get into that zekobs posted
1:04
about this quote a vulnerability that
1:06
was exploited in the wild as zero day is
1:10
15.3.1 we advise to update vulnerable
1:13
devices can be hacked by clicking on a
1:15
link one click or in some scenarios as
1:17
zero click for example water holding or
1:19
cross site scripting men in the middle
1:21
and captive portal so they are talking
1:24
about this vulnerability that was
1:25
patched on 15.3.1 back in february the
1:27
10th and yeah it's actually quite bad
1:29
this has been used by threat actors or
1:32
hackers in the background in order to
1:34
hack people that's why it says that it
1:36
was exploited in the wild here on the
1:38
apple security content can this be used
1:40
for jailbreak purposes like for example
1:42
uncover very likely yes because it's
1:44
arbitrary code execution so we like that
1:47
it probably can be adapted to use on
1:48
uncover or taurine or any other
1:50
jailbreak that would want to pursue a
1:52
webkit style so right now uncover uses
1:55
an ipa format you install the ipa file
1:58
you deploy it you press jailbreak and
1:59
that's it they could use a webkit
2:01
vulnerability in order to basically
2:02
jailbreak directly from uncover.dev here
2:05
instead of download it would say
2:06
jailbreak and you would do it directly
2:08
from the browser that's something that
2:10
would be possible with a proper webkit
2:12
vulnerability probably chained together
2:14
with a kernel one but still this is a
2:16
proper serious vulnerability and i would
2:18
definitely advise you if you don't
2:20
update because you want to jailbreak to
2:21
respect what zekkops said in here and to
2:24
avoid basically clicking on any single
2:26
link that you get some of those links
2:28
can indeed trigger the vulnerability and
2:30
you'd get all your data stolen this is a
2:32
proper serious vulnerability and as you
2:34
can see sometimes it can even be zero
2:35
click if you use a captive portal that
2:37
has been infected or if you're a victim
2:39
of men in the middle or exercise and
2:41
stuff like that so it's still good to be
2:43
very careful what you click on if you
2:45
stay below 15.3.1 now the chances that
2:48
you will be targeted by such things by a
2:51
hacker are pretty much slim but they are
2:54
not zero so you should still be indeed
2:56
cautious on what to click especially
2:58
those messages that you get from like
3:01
fake banks or fake amazon that your
3:03
order has shipped click here to see your
3:05
status and you're like what order i
3:07
didn't order anything or even worse you
3:09
think that it's something you did
3:10
actually order and you click on the link
3:12
and it turns out to be something that
3:14
exploits this so be very careful what
3:16
you click on and avoid clicking on links
3:18
you don't know in other news i have
3:20
updated the future restore ios downgrade
3:23
sep and baseband compatibility to
3:25
reflect basically all the latest changes
3:27
including ios 15.4 beta 15.3.1 and 15.3
3:32
if you want to see exactly how you can
3:34
downgrade or what you can use to
3:35
downgrade or upgrade your device with
3:37
future restore and saved shsh blogs the
3:40
link to my website will be down below so
3:42
that's basically it that's it for today
3:44
thank you for watching imgs now until
3:45
the next time take care and peace out
