After a dearth of major public jailbreaks since iOS 10, Google security researcher Ian Beer has published an exploit that provides a path to jailbreaking iOS 11 devices.
For those unfamiliar, jailbreaking is a method of exploiting a vulnerability in Apple’s mobile operating system in order to gain more control over what you can do with your device. For instance, with a jailbroken iPhone, users can install any app, run emulators and customize the interface. The jailbreaking scene, however, has died out over the last few years, largely because much of the functionality offered via the process is now built directly into iOS 11.
On December 11th, Beer released proof-of-concept exploit code that works on both iOS and macOS. According to Beer, a memory corruption bug in the kernel of iOS 11.1.2 and earlier lets an attacker run code with kernel privileges, which is exactly the level of control a jailbreak needs.
Apple fixed the bug, tracked as CVE-2017-13861, on December 2nd in iOS 11.2. Which macOS update carries the corresponding fix is harder to pin down, since Apple's security release notes give only brief descriptions of each patch.
In practice, this means that if you are willing to keep your device on iOS 11.1.2, unpatched kernel bug and all, you will be able to jailbreak your iPhone. Several jailbreaking projects have already said they plan to build Beer's code into their tools, and if you have the knowledge and patience, the proof-of-concept is available now to experiment with yourself. Bear in mind that the same bug a jailbreak tool relies on can be used by any malicious app, so a device held back on 11.1.2 stays exposed to it.
Beer said he tested the exploit on the iPhone 6s, iPhone 7, iPod Touch 6G, and a MacBookAir5,2 running macOS 10.13, and that it should work on other devices as well.
Beer is a researcher with Google's Project Zero, a team tasked with finding zero-day vulnerabilities, that is, security flaws the affected vendor does not yet know about and has not patched.