Apple has today released iOS 13.5.1. The update patches the kernel vulnerability that led to the recent unc0ver jailbreak. “iOS 13.5.1 update provides important security updates and is recommended for all users”, says Apple in the update changelog.
According to Apple’s support page, the update is aimed to address the ability of applications to “execute arbitrary code with kernel privileges”. The company says the memory consumption issue was fixed with improved memory handling.
Right after Apple started rolling out the update, Pwn20wnd – one of the developers of unc0ver team confirmed on Twitter that the update fixes the kernel vulnerability that the team used.
I can confirm the new *OS updates have patched the kernel vulnerability used by the #unc0ver jailbreak.
If you are on iOS 13.5, stay and save blobs.
If you are not on iOS 13.5, update to it with the IPSW using a computer while it is still being signed and save blobs.
— @Pwn20wnd (@Pwn20wnd) June 1, 2020
The update comes just a few weeks after the Cupertino giant released iOS 13.5 with Exposure Notification API, improvements for Face ID, and Group FaceTime. Apple fixing the kernel vulnerability doesn’t really come as a surprise since the jailbreak was available on a wide-scale and surfaced just a couple of days after iOS 13.5 got released.
With this update, the widespread excitement of the iOS jailbreaking community got shortlived as they will now have to avoid new software updates to retain the jailbreak, which could potentially make devices vulnerable to new security flaws. While iOS jailbreak enthusiasts might not be happy, it is worth applauding Apple’s efforts to patch such a critical vulnerability within days after it got uncovered.
The update is available to iPhone 6s and later. You can update your iPhone right now from Settings -> General -> Software Update. Alongside iOS 13.5.1, Apple has also released iPadOS 13.5.1, watchOS 6.2.6, and updates to HomePod and Apple TV.