A newly discovered bootrom exploit in iOS, dubbed ‘checkm8’, could lead to a permanent jailbreak on iOS devices that run on Apple’s A-series processors.
According to security researcher axi0mX, the vulnerability affects hundreds of millions of iOS devices, from the iPhone 4S to the iPhone 8, as well as the iPhone X. The affected devices also include iPad models from the iPad 2 up to the 2017 iPad Pro.
The vulnerability could give attackers deep access to iOS devices. axi0mX claims that ‘checkm8’ is possibly the biggest news in the iPhone hacking community for years. Being a bootrom exploit, it affects devices at the bootrom level instead of taking advantage of vulnerabilities in the OS or software. This essentially means that Apple won’t be able to fix the issue with a simple patch or an update. To fix the issue, Apple would need to make physical changes directly to its A-series processors.
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— @axi0mX, September 27, 2019
As expected, the new flaw raises some serious security concerns, as the vulnerability can offer root access to affected devices. Therefore, it’s possible that attackers could use the exploit to take control and delete sensitive information from other users’ devices.
However, there’s some good news: axi0mX explained that the vulnerability can’t be used remotely. This means that attackers would need physical access to an iOS device to take advantage of this vulnerability. Therefore, just make sure your iPhone or iPad is passcode protected.
Apple is yet to make any official statement regarding this exploit, though we’ll update you as soon as Apple responds to the matter.
iPhone jailbreaking isn’t as popular as it was 7 years ago. During the early days of the iPhone, jailbreaking was primarily done to install third-party apps that were not available via the App Store. Jailbreaking allows iOS users to add apps and other functions that Apple wouldn’t usually allow on their iPhones. iOS has rather strict limitations that are designed to protect users from malicious apps but also give Apple more control over the ecosystem. Therefore, jailbreaking hurts your iPhone’s security, but at the same time gives users more control over the phone.
The last jailbreak we heard of was back in August this year, when a new vulnerability was found in iOS 12.4. It was the first iOS jailbreak to be publicly revealed in years.