Jonathan Levin was the one who discovered the jailbreak of iOS 10.3.2. He is the author of MacOS and iOS internals.
MacOS and iOS internals is a trilogy in which the author discusses Apple’s core and the security of Apple’s operating systems in the third volume. The first part of the volume explores all the techniques and mechanisms that are employed, such as authentication, auditing, the MAC framework, code signing, sandboxing, AMFI, SIP and more. The work is significant because most of these are being documented for the first time. The second volume discusses the historical vulnerabilities in MacOS 10.10 and 10.11 as well as the modern exploits, showing both the flaws and vulnerabilities and their exploitation methods.
Back to the jailbreak issue. Levin revealed that the jailbreak of iOS 10.3.2 is only possible thanks to a libxpc vulnerability that was discovered by Ian Beer of Google Project Zero.
The libxpc vulnerability
The libxpc vulnerability was patched in iOS 10.3.3, and it allowed an app to execute arbitrary code with system privileges. According to Apple, the memory corruption issue was addressed with enhanced memory handling.
On his Twitter account, Levin said that the security flaw could be adapted into a dev jailbreak, and he recommended that users downgrade to iOS 10.3.2 while it is still possible.
To downgrade or not to downgrade?
So, if you are running iOS 10.3.3, you should do what he suggested and downgrade to iOS 10.3.2. There aren’t any details available regarding Levin’s plans to release this jailbreak, but in case you are waiting eagerly for a jailbreak you should take his advice. CVE-2017-7047 affects the iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation.
His exact post on Twitter reads “If you’re at #iOS 10.3.3, downgrade to 10.3.2 while you can: Ian Beer’s awesome CVE-2017-7047 bit unstable can be adapted to a dev #jailbreak.”
The strangest thing noted by users is that Levin tells them to downgrade even though he is not sure if and when he will release the jailbreak.