Apple Credits PanguTeam With Discovering Three Security Vulnerabilities in iOS 8

Apple Credits PanguTeam With Discovering Three Security Vulnerabilities in iOS 8

Posted by · 23400 views · Translate
Apple has credited the PanguTeam with discovering three security vulnerabilities in iOS 8.

Earlier today, Apple posted a support document detailing the security content of iOS 8.1.1. In that document, PanguTeam is credited for finding a Dyld, Kernel, and Sandbox Profile vulnerability.

Dyld
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A local user may be able to execute unsigned code
● Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.
● CVE-ID: CVE-2014-4455 : @PanguTeam

Kernel
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A malicious application may be able to execute arbitrary code with system privileges
● Description: A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata.
● CVE-ID: CVE-2014-4461 : @PanguTeam

Sandbox Profiles
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A malicious application may be able to launch arbitrary binaries on a trusted device
● Description: A permissions issue existed with the debugging functionality for iOS that allowed the spawning of applications on trusted devices that were not being debugged. This was addressed by changes to debugserver's sandbox.
● CVE-ID: CVE-2014-4457 : @PanguTeam

Since Apple has identified the exploits used by PanguTeam, the iOS 8.1.1 firmware update kills the Pangu8 jailbreak.

At this time it's unclear if the PanguTeam have any more exploits up their sleeve but you should follow iClarified on Twitter, Facebook, Google+, or RSS for updates.

Read More


Apple Credits PanguTeam With Discovering Three Security Vulnerabilities in iOS 8

Apple Credits PanguTeam With Discovering Three Security Vulnerabilities in iOS 8

Apple Credits PanguTeam With Discovering Three Security Vulnerabilities in iOS 8
Rajesh - November 25, 2014 at 4:25pm
For step by step tutorial for pangu jailbreak please visit www.iphone clinic.net (without space) lots of how to tutorials, latest news and how to get cracked apps and many more
Rajesh kumar - November 23, 2014 at 3:14pm
Latest news on apple products. How to tutorials , how to videos, how to jailbreak, how to install tweaks, how to get cracked apps and much more, please visit www.iphoneclinic.net
Apple iDiot - November 18, 2014 at 9:31pm
so Apple spends millions on engineers and the hackers are the one that are really working, I would fire everybody period. and pangu get no money whatsoever.
juggalojuggalo - November 18, 2014 at 7:43pm
I'd say the majority of new iOS features originated in the jailbreak community: widgets, notifications, foldlers, etc...
Jackson Browne - November 18, 2014 at 8:49pm
Nonsense. The majority of 'new' iOS features originated long before the iPhone ever existed. They were simply copied from older devices, such as Palm Pilots. they may have first appeared on iPhones that were jailbroken, as the jailbreak community was willing to be the guinea pigs testing the ideas on iOS. they were hardly original ideas.
13 More Comments
Recent