Developers are making great use of the MacDirtyCow bug present on iOS & iPadOS 15.x-16.1.2 devices, which allows sideloaded or perma-signed apps to perform tasks that would typically only be possible with a jailbreak.
The palera1n team used this New Year holiday to announce exciting intentions for the forthcoming 2023 year with respect to palera1n, the checkm8 bootrom exploit-based jailbreak tool for A9-A11 chip-equipped handsets running iOS or iPadOS 15.0-16.x.
In an interesting turn of events Thursday afternoon, it appears that Odyssey Team lead developer CoolStar appears to have officially handed the keys of the Sileo package manager to longtime Sileo Team member Amy While (@elihwyma).
A bug affecting iOS & iPadOS versions 15.x-16.1.2 and macOS 13.0.1 called CVE-2022-46689, also codenamed MacDirtyCow, has been making headlines recently. This bug was discovered by security researcher Ian Beer of Google Project Zero, and while it’s not being used in any jailbreaks, it does appear to be at the epicenter of some interesting hacks for modding iPhones and iPads recently, such as TrollLock Reborn.
Apple is no longer signing iOS or iPadOS 16.1.2 as of Tuesday evening, a move that could’ve been predicted by almost anybody given that it’s been around a week since the company released the newer iOS & iPadOS 16.2 software update to the general public.
Apple’s iCloud Activation Lock feature prevents unauthorized users from acquiring your device, restoring it as new, and using it as their own. Unfortunately, users can be locked out of their own device by this feature after forgetting a password or buying an iCloud locked device from the internet.
The palera1n team this week released version 1.4.1 of its checkm8 bootrom exploit-based jailbreak tool for A9-A11 chip-equipped handsets running iOS or iPadOS 15.0-16.x, all while one team member demonstrated the tool’s upcoming and previously-teased GUI (graphical user interface).
Zebra, a popular alternative package manager for various jailbreak tools, was updated to version 1.1.30 on Monday with a slew of bug fixes and improvements.
Jailbreak developer @xina520 pushed an updated beta build of the XinaA15 jailbreak tool early Monday morning, this time bringing the tool up to version 1.1.5.
Hacker and security researcher @_simo36 shared a particularly captivating Tweet this weekend that was comprised of a screenshot in which they appeared to show off a vulnerability proof of concept (PoC) via a command line interface for an iPhone 14 (iPhone 15,3) running iOS 16.1.2 (build 20B110).
This past Wednesday, we saw the public testing release of the XinaA15 jailbreak tool for A12-A15 devices ranging from the iPhone XS to the iPhone 13 Pro Max running iOS 15.0-15.1.1, and while it supported tweak injection, there was an issue where users couldn’t sign in to repositories such as Havoc or Chariz via package managers like Sileo and Zebra. This, of course, meant that users couldn’t install their previously-purchased tweaks.
With the official rollout of iOS & iPadOS 16.1.1 a several Wednesdays ago, and the release of iOS 16.1.2 just last week, Apple has made a predictable move this evening by unsigning iOS & iPadOS 16.1 and 16.1.1.