Apple has issued an emergency patch for all its supported devices. This update brings Apple TV and Homepod to version 13.4.6, Apple Watch 6.2.6, iOS and iPadOS to 13.5.1, and as a supplemental update to Mac OS Catalina 10.15.5 and High Sierra 10.13.6. Interestingly Mojave doesn’t seem to be affected by this, nor due older supported versions of iOS, though those updates could be delayed for some unknown reason.
Apple lists the update as being CVE-2020-9859 and is a vulnerability in the kernel level, which is never a good thing. However the really telling part is that they give the discovery credit to “unc0ver”, which is a jailbreaking tool that can jailbreak iOS devices from iOS 11 to 13.5. Jailbreaking is a function which allows devices to uninstall software from other sources, in this case apps and services outside of Apple’s App Stores. While these can be used for pirated apps, they tend to be commonly used for adding new features, launchers, default apps, etc. that Apple normally won’t authorize. However jailbreaking typically has to work by exploiting security holes found in the system, meaning that someone could use the exploit the unc0ver jailbreak used to install malware onto your iPhone or iPad without your knowing.
Jailbreaking is a legitimate and legal thing to do (at least in the US) on devices that are your own. However, they come with security risks. If you’re not jailbreaking your devices, I would update your Apple devices immediately.
If you click a link and purchase something through our articles, these may be affiliate links through which we earn a commission. Commission on products do not affect editorial ability or direction, and we try to add affiliate links to items we either do or would recommend and use ourselves. We do not take money or affiliate commissions from companies in exchange for reviewing their products.