These updates fix a few things besides previously mentioned, also as well patching security holes in iOS 8.1.1, so the Pangu jailbreak tool, can no longer be used. Apple has confirmation about this, via security documents posted on its official website and give credit to the Pangu team, for their discoveries
Apple provides three security exploits loopholes list has been fixed in iOS 8.1.1, security exploits loopholes that includes the kernel, dyld and sandbox profiles. everything is still related with unsigned code execution. previously, some time ago Pangu team has confirmed this, if ios 8.1.1 will kill the jailbreak tool .
In addition to security exploits loopholes panggu jailbreak has been fixed by Apple, this update also fixes other security loopholes, which of course relates to the privacy of users, ie unauthorized users or those who deliberately borrow your iPhone, iPad and iPod, can see and send photos via lockscreen on your device.
Apple patched 3 vulnerabilities in iOS 8.1.1 used by pangu Jailbreak
You can read details about security flaws quoted via Apple's website:
dyld
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.
CVE-ID
CVE-2014-4455 : @PanguTeam
Kernel
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata.
CVE-ID
CVE-2014-4461 : @PanguTeam
Sandbox Profiles
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to launch arbitrary binaries on a trusted device
Description: A permissions issue existed with the debugging functionality for iOS that allowed the spawning of applications on trusted devices that were not being debugged. This was addressed by changes to debugserver’s sandbox.
CVE-ID
CVE-2014-4457 : @PanguTeam
We recommend for you who have been running the iOS 8.1 jailbreak, avoid updating your device to iOS 8.1.1. This would be at risk, you will lose the jailbreak and be patient to wait Pangu team released a new jailbreak for iOS 8.1.1, and we do not know how long it takes the team to make it happen.
However, if you are not so concerned with the jailbreak, please download and install this version of iOS and enjoy it.
0 Komentar untuk "Apple patched 3 vulnerabilities in iOS 8.1.1 used by pangu Jailbreak"