Apple Once Again Thanks Jailbreakers For Helping To Improve iOS Security

Apple launched iOS 7.1 yesterday, fixing a handful of security flaws and patching an essential exploit used by the evasi0n7 jailbreak solution. After doing so, Cupertino sent out an updated iOS security document, and in it the folks at Apple once again thanked a number of jailbreak hackers for their help in further improving the security of the mobile OS.

The updated document (which came to our attention from iDownloadBlog) outlines security improvements made in iOS 7.1. You can access it online by clicking this link, and as you can see, the document credits the evad3rs with uncovering an iOS kernel exploit:

Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel

Description: An out of bounds memory access issue existed in the ARM ptmxgetioctl function. This issue was addressed through improved bounds checking.

CVE-ID CVE-2014-1278 : evad3rs

The evad3rs are also credited with discovering an iOS filesystem bug, while the Google Chrome Security Team found a total of nine vulnerabilities in Safari's WebKit. Stefen Esser, the prominent iOS hacker, is also listed as discovering a “man-in-the-middle” exploit in the mobile OS. All of these and more have been patched in iOS 7.1.

Of course, this isn't the first time Apple has credited iOS hackers with helping to improve iOS security. Back in 2012, the so-called “dream team” of jailbreak hackers – Joshua Hill (@p0sixninja), @MuscleNerd, and @pod2g – were credited with uncovering another kernel exploit in Apple's iOS.

Though iOS 7.1 is indeed more secure, as noted above it's not possible to jailbreak the new mobile OS (as of this writing, at least).

We'll let you know if this changes, but in the meantime, jailbreakers are advised to steer clear of iOS 7.1 until evasi0n7 is updated accordingly.

Related articles