Apple on Monday released iOS 12.4.1, a minor update that contains a fix for a fairly significant security vulnerability.
While iOS 12.4.1 doesn’t appear to contain any user-facing changes or new features, it does fix an issue that makes your device vulnerable to hackers and malicious attacks. Here’s what you should know.
According to Apple’s security content notes, iOS 12.4.1 addresses a kernel-based issue that could allow a malicious app to “execute arbitrary code with system privileges.”
That’s the gist of the update, but it isn’t the whole story.
Last week, security researchers discovered that Apple’s iOS 12.4 update actually reintroduced a serious flaw that Apple had previously patched in iOS 12.3.
That bug, which was first discovered by a Google Project Zero researcher, essentially allowed a device to be jailbroken.
- As a result of the bug’s reintroduction, the first jailbreak for current iPhones running the latest software surfaced soon after.
- Notably, it marked the first time that a current jailbreak has been released in quite some time.
It’s worth noting that Apple thanked the creator of the jailbreak, security researcher @Pwn20wnd, for their help in identifying the issue. But the vulnerability could also be leveraged by a rogue app or a bad actor to “hack any up-to-date iPhone,” according to an anonymous security researcher.
Pwn20wnd noted that it’s likely the vulnerability has already been used for malicious purposes in the wild.
Williamson, the bug’s discoverer, notes that “somebody could make a perfect spyware” because of the bug. Malicious code run by an app could, for example, be used to break through iOS’s sandbox and steal user data. Another could allow an attacker to deploy browser exploits.
Downloading iOS 12.4.1
Because of the seriousness of the security vulnerability, it’s highly recommended that you update your device to iOS 12.4.1 as soon as possible.
The update is available for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later. It clocks in at about 95.6 megabytes on an iPhone 8.
You can download and install the update over-the-air by going to Settings > General > Software Update.