Apple has blocked the TaiG jailbreak with the release of iOS 8.4.1, closing several vulnerabilities discovered by the team.
A document detailing the security content of iOS 8.4.1 reveals the various exploits closed by Apple.
AppleFileConduit ● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later ● Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem ● Description: An issue existed in the symbolic linking mechanism of afc. This issue was addressed by adding additional path checks. ● CVE-2015-5746 : evad3rs, TaiG Jailbreak Team
Air Traffic ● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later ● Impact: AirTraffic may have allowed access to protected parts of the filesystem ● Description: A path traversal issue existed in asset handling. This was addressed with improved validation. ● CVE-2015-5766 : TaiG Jailbreak Team
Backup ● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later ● Impact: A malicious application may be able to create symlinks to protected regions of the disk ● Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization. ● CVE-2015-5752 : TaiG Jailbreak Team
Code Signing ● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later ● Impact: A malicious application may be able to execute unsigned code ● Description: An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation. ● CVE-2015-3806 : TaiG Jailbreak Team
Code Signing ● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later ● Impact: A specially crafted executable file could allow unsigned, malicious code to execute ● Description: An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files. ● CVE-2015-3803 : TaiG Jailbreak Team
Code Signing ● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later ● Impact: A local user may be able to execute unsigned code ● Description: A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks. ● CVE-2015-3802 : TaiG Jailbreak Team ● CVE-2015-3805 : TaiG Jailbreak Team
IOHIDFamily ● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later ● Impact: A local user may be able to execute arbitrary code with system privileges ● Description: A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling. ● CVE-2015-5774 : TaiG Jailbreak Team
If you're jailbroken, please take extra care not to update to iOS 8.4.1. We likely won't see another jailbreak until after iOS 9 is released but make sure to follow iClarified on Twitter, Facebook, or RSS for updates.
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Anyone notice how the impact description for almost all of them is useless. "May access protected parts of the OS" yea? Well computers give us that for free, at least PCs do, if we bought the phone and OS from you we have every right to access ANY part of the OS.
The OS, namely "iOS", is protected to inhibit malware, spyware and adware. Be glad that Apple is constantly patching and updating their OS when vulnerabilities and exploits are discovered. If they didn't, iOS would be just as crappy as Android. Think before you post.
Furthermore, you don't buy the OS. You buy the hardware and the right to use the software. It is still Apple's property. The same goes with any software you may use. You don't own it...you use it.
RE: iSheep Herder; Who said anything about MY knowledge and level of computer and system management? I was speaking toward the general public who, more likely than not, do not have the skills that I and apparently you have. I have been a huge proponent of jailbreaking, and still am...as long as a few security measures after the process are done...first and foremost being downloading a terminal app and changing the default root password. I agree that jailbreaking has added more features and ideas toward the advancement of iOS than the development teams at Apple themselves. Apple does not "hold my hand". My main desktop OS is a Linux flavor. But the truth is that most people don't have the knowledge required to keep a Linux-based or Windows OS badware free.therefore
Ugh...Therefore, Apple's Unix-based software is the best choice for those people because it offers the user-friendly, pleasant experience of whichever device they may be using, it simply does what it is supposed to do when you tell it to do so. That is the caveat of Android. Though you may be able to have more control, after the badware takes hold...you have limited functionality. Nevermind that it is marketed towards lower-income people, either. Do you really think those people have the system administration skills that you and I have? The average person over 30 most definitely does not, and of the younger groups, the percentage of people that don't far outweigh the ones that do. So in summary, yes...think before YOU post, and think beyond yourself, and realize that there are many, many people out there that need their "hand held". and when it comes to a companion software to guide you through the badware-laden internet of today, Apple is the best guide available.
That's why I don't jailbreak anymore that was way back the iPhone 3g days. Before there is no airplay mirroring, airdrop, custom ringtones, free apps. Now everything is there added on every iOS update. If you don't want to pay developers on their hard work just wait for it to become free because they are generous enough to make it free for a day and if you had the chance to get news on the free stuff on the appstore, you're lucky (besides, there are apps that scoop the appstore for free for a dya apps). I chose not to jailbreak because of security. I am happy of my secured phone not like android tha is a malware and virus magnet. If you install antiviruses it also slows down your device becaise it runs on the background, consumes memory space. So why sacrifice security just to install cracked apps?! It is a hassle to reformat your phone on every jailbreak update. Jailbreaking is a thing of the past dude!
Actually I need my jailbreak, there's tether me and speed intensifier and phantom and movie box 3 and others that are essential, I don't crack apps and get them for free, I do pay for those, but I do believe that the jailbreak does make my phone more usable and without the jailbreak, I might as well go to android. Jailbreak is the only thing that makes iPhone better than android, because android has had these tweaks for years before Apple finally put them into iOS, and it's the new tweaks that come out on Cydia that beats regular iOS and android. Then android copies it and implements it about 3-4 months down the road and then Apple implements it about 2-3 years down the road
It was expected. This ain't no cat in mouse game anymore for those who think it is because the hackers tell Apple about the vulnerabilities. And it's on purpose so the jailbreak developers find even more holes.