New ‘Unpatchable’ iOS Exploit could Lead to Permanent Jailbreak


Jailbreaks seemed to be a thing of the past, but a newly announced iOS exploit could lead to a permanent, unblockable jailbreak on hundreds of millions of iPhones.

New ‘Unpatchable’ iOS Exploit could Lead to Permanent Jailbreak

A security researcher has released today a new jailbreak that impacts all iOS devices running on A5 to A11 chipsets — chips included in all Apple products released between 2011 and 2017, spanning eight generations of devices, from iPhone 4S to iPhone 8 and X. checkm8 (read as checkmate) the exploit is a bootrom vulnerability that could give hackers deep access to iOS devices on a level that Apple would be unable to block or patch out with a future software update. That would make it one of the biggest developments in the iPhone hacking community in years.

The exploit is specifically a bootrom exploit, meaning it’s taking advantage of a security vulnerability in the initial code that iOS devices load when they boot up. And since it’s ROM (read-only memory), it can’t be overwritten or patched by Apple through a software update, so it’s here to stay, in other words, it’s permanent.. It’s the first bootrom-level exploit publicly released for an iOS device since the iPhone 4, which was released almost a decade ago.

In a follow-up tweet, axi0mX explained that they released the exploit to the public because a “bootrom exploit for older devices makes iOS better for everyone. Jailbreakers and tweak developers will be able to jailbreak their phones on latest version, and they will not need to stay on older iOS versions waiting for a jailbreak. They will be safer.”

Fortunately, the exploit requires physical access to a phone and has to be carried out over USB, so while hundreds of millions of iPhones are at risk, it’s unlikely that many of them will be impacted. As far as we know, there’s no jailbreak using the checkm8 exploit yet. But there is a risk that the exploit could be developed and not require physical access in the future, which could leave millions of devices vulnerable.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.