iPhone exploit may end up allowing jailbreaking of millions of devices

The iOS 12.4.1 update that Apple released earlier this month is expected to fix the bug that allowed hackers to jailbreak an iPhone. That does not seem to end the iPhone's vulnerability, however. A newly reported bootrom vulnerability affects all iPhone models from the iPhone 4s to the iPhone X. The bug reportedly cannot be fixed via software updates, leaving millions of iPhones vulnerable.

A security researcher who goes by the name @axi0mX on Twitter found the bug, which is named “checkm8”. The researcher has also shared an “open-source jailbreaking tool for many iOS devices” on GitHub; it is meant for researchers and is not a full-fledged jailbreak tool compatible with Cydia. The researcher says it is “the biggest news in iOS jailbreak community in years.”

The tweet says, “EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices. Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).”

The tool can be used to downgrade a device to an older iOS version. Apple has yet to confirm the proof of the bug.

The tool, which is available in a beta version, is capable of bricking the iPhone on which it is tested. The security researcher claims that iPhone models from the 4s to the iPhone X can be jailbroken using this tool, which means that anyone who has access to the right tools can jailbreak the iPhone. checkm8 is a bootrom exploit, which means that it cannot be fixed with a software update, leaving the Apple devices vulnerable.

The jailbreak cannot be performed remotely. The hacker needs access to the iPhone and a computer, with the two devices connected via a USB cable. The security researcher @axi0mX claims that the iPhone can be jailbroken even without using a computer. Apple has not released any statement about the bug.