It was only about a week after Apple released iOS & iPadOS 14.8 with patches for the zero-click exploits that were actively weaponized in the wild and by the Pegasus spyware that iOS developer Mario Cheung released a jailbreak tweak called FORCEDEXIT to address the issue on pwned handsets running affected firmware versions.
Today, Cheung seems to be at it again with a new and free jailbreak tweak dubbed EntitlementFix, which allegedly fixes three additional 0-day exploits known to impact jailbreakable versions of Apple’s mobile operating systems.
Details about the three aforementioned 0-day exploits where divulged online this past week and shared to /r/jailbreak this weekend, which prompted Cheung’s quick response to develop fixes that would protect jailbreakers from being targeted.
Citing the blog post about the three 0-day exploits, they had allegedly been disclosed to Apple as a part of Apple’s Security Bounty Program, however the company has been slow to respond to the reports and at least two out of three of them continue to affect modern operating systems, including iOS & iPadOS 15.0.
Just like Cheung’s other security-enhancing tweak, EntitlementFix is open source and will only protect users when they are in a jailbroken state since it operates within the bounds of a tweak injection method. Fortunately, with an untether release just around the corner, users should may soon enjoy a jailbroken state indefinitely in the very near future.
For what it’s worth, the identified 0-day exploits aren’t useful for developing jailbreaks. Instead, they merely put affected users’ devices at risk of potential security exploitation. For that reason, it’s highly unfortunate that Apple hasn’t addressed them. But the good news is that the jailbreak community has, and that’s yet another chalked point for the pros of jailbreaking in 2021.
If you’re interested in downloading the new EntitlementFix tweak, then you can grab it from Cheung’s personal repository free of cost via your favorite package manager app. The tweak supports jailbroken iOS 14 devices, and it’s source code is available on GitHub for those interested in learning more about how the tweak works.
If you’re not already taking full advantage of Cheung’s personal repository, then you can add it to your package manager of choice via the following URL:
https://tweak.mario.net.in/
Do you plan to further secure your jailbroken handset with the new EntitlementFix tweak? Tell us why or why not in the comments section down below.