Apple has released an emergency patch to fix a flaw in the kernel component. Reports indicate that Apple had accidentally reverted a patch previously issued for this vulnerability in May 2019. Devices that had installed the updates released in June 2019 were exposed to this vulnerability again.
This vulnerability was discovered by Ned Williamson of Google Project Zero. Ned Williamson had released exploits named ‘SockPuppet’ and ‘SockPuppet2’. An updated version of this exploit named ‘SockPuppet 3.0’ was released by another security researcher named Umang Raghuvanshi. A hacker identified as Pwn20wnd released a public jailbreak that works on devices running the security updates from June.
Identified as CVE-2019-8605, this is a ‘use-after-free’ vulnerability which allows a malicious application to execute arbitrary code with system privileges and jailbreak devices. This also allows users to install and run uncertified software. Researchers warn that applications available for download from the App Store could contain a copy of the jailbreak. Hence, it is advised to verify every application before downloading and installing it.
Apple has fixed this vulnerability with security updates for Mac OS X:
- Product: macOS
- Affected OS: macOS Mojave 10.14.6
- Affected feature: Kernel
- Impact: Arbitrary code execution with system privileges
- CVE: CVE-2019-8605
SecPod SanerNow detects these vulnerabilities in macOS and automatically fixes them by applying security updates.