Прошивка iOS 8.1.3 вышла всего несколько минут назад, но только сейчас стало окончательно ясно, что компания Apple окончательно и бесповоротно закрыла прореху в безопасности iOS, которая позволяла делать отвязанный джейлбрейк через программу TaiG и PP Jailbreak. По большому счету, ни для кого это не является сюрпризом, в том числе и для китайских хакеров, которые создали TaiG. Они уже сообщили, что работают над версией джейла для iOS 8.1.3.
AppleFileConduit
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem
● Description: A vulnerability existed in the symbolic linking mechanism of afc. This issue was addressed by adding additional path checks.
● CVE-2014-4480 : TaiG Jailbreak Teamdyld
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A local user may be able to execute unsigned code
● Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.
● CVE-2014-4455 : TaiG Jailbreak TeamIOHIDFamily
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A malicious application may be able to execute arbitrary code with system privileges
● Description: A buffer overflow existed in IOHIDFamily. This issue was addressed through improved size validation.
● CVE-2014-4487 : TaiG Jailbreak TeamKernel
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel
● Description: The mach_port_kobject kernel interface leaked kernel addresses and heap permutation value, which may aid in bypassing address space layout randomization protection. This was addressed by disabling the mach_port_kobject interface in production configurations.
● CVE-2014-4496 : TaiG Jailbreak Team
demon. vip, закрыто то, что открыто было. сейчас тока не понятно будет либджейл 8.1.3 или будут беречь до 8.2
Даже ту, которую хакеры оставили для 8.2?