Apple Issues New Security Patch for iOS, Apple TV, Watch, Mac, and HomePod.

Apple has issued an emergency patch for all its supported devices. This update brings Apple TV and Homepod to version 13.4.6, Apple Watch 6.2.6, iOS and iPadOS to 13.5.1, and as a supplemental update to Mac OS Catalina 10.15.5 and High Sierra 10.13.6. Interestingly Mojave doesn’t seem to be affected by this, nor due older supported versions of iOS, though those updates could be delayed for some unknown reason.

Apple lists the update as being CVE-2020-9859 and is a vulnerability in the kernel level, which is never a good thing. However the really telling part is that they give the discovery credit to “unc0ver”, which is a jailbreaking tool that can jailbreak iOS devices from iOS 11 to 13.5. Jailbreaking is a function which allows devices to uninstall software from other sources, in this case apps and services outside of Apple’s App Stores. While these can be used for pirated apps, they tend to be commonly used for adding new features, launchers, default apps, etc. that Apple normally won’t authorize. However jailbreaking typically has to work by exploiting security holes found in the system, meaning that someone could use the exploit the unc0ver jailbreak used to install malware onto your iPhone or iPad without your knowing.

Jailbreaking is a legitimate and legal thing to do (at least in the US) on devices that are your own. However, they come with security risks. If you’re not jailbreaking your devices, I would update your Apple devices immediately.

Feel free to comment.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.