Apple today released a security patch for a critical jailbreak vulnerability in iOS 12.4 exposed a week ago by a security researcher who released an exploit for it.
The new iOS 12.4.1 release fixes a flaw introduced in version 12.4 of the software: Version 12.4 inadvertently left the OS open to the bug that Apple previously had corrected.
Some security researchers had warned that attackers could abuse the flaw and attack iPhone users remotely or using malicious apps, while others called dismissed concerns over actual attacks.
Apple's update today confirms the use-after-free (CVE-2019-8605) vulnerability, discovered by Ned Williamson, working with Google Project Zero.
Read more here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "'Culture Eats Policy for Breakfast': Rethinking Security Awareness Training."