Page 1 of 2 12 LastLast
Results 1 to 20 of 31

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Pangu Jailbreak Team Credited by Apple for Security Improvements in iOS 8.1.1

  1. #1
    Default Pangu Jailbreak Team Credited by Apple for Security Improvements in iOS 8.1.1


    Apple has released a page on their Web site documenting the security improvements in the newly-released iOS 8.1.1 software release for its mobile devices, which patches the Pangu8 jailbreak for iOS 8.

    On the page, Apple credits @PanguTeam for finding and exploiting these vulnerabilities, which are now patched in iOS 8.1.1:

    Quote Originally Posted by Apple
    dyld

    Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A local user may be able to execute unsigned code

    Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.

    CVE-ID

    CVE-2014-4455 : @PanguTeam

    Kernel

    Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A malicious application may be able to execute arbitrary code with system privileges

    Description: A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata.

    CVE-ID

    CVE-2014-4461 : @PanguTeam

    Sandbox Profiles

    Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later

    Impact: A malicious application may be able to launch arbitrary binaries on a trusted device

    Description: A permissions issue existed with the debugging functionality for iOS that allowed the spawning of applications on trusted devices that were not being debugged. This was addressed by changes to debugserver's sandbox.

    CVE-ID

    CVE-2014-4457 : @PanguTeam
    Among the things Apple credits the PanguTeam for are security patches for dyld, Sandbox Profiles, and the Kernel. There are also other security patches in this update that have been credited to other software developers that aren't the PanguTeam.

    In addition to the security updates, all that iOS 8.1.1 really did was improve stability on the iPad 2 and iPhone 4s. Jailbreakers will have more to benefit from by staying on iOS 8.1.

    Sources: Apple

  2. #2
    I highly doubt they'll ever be able to fully plug all the holes. Team pangu will pwn it soon enough!
    mod/edit links removed.

  3. The Following User Says Thank You to djaquapimp For This Useful Post:

    Sage I (2014-11-18)

  4. #3
    Quote Originally Posted by djaquapimp View Post
    I highly doubt they'll ever be able to fully plug all the holes. Team pangu will pwn it soon enough!
    Oh absolutely, there's no plugging ALL the holes

    Software 101.

  5. The Following 2 Users Say Thank You to Anthony Bouchard For This Useful Post:

    oakjox (2014-11-19), Sage I (2014-11-18)

  6. #4
    Livin the iPhone Life bigboyz's Avatar
    Join Date
    Feb 2009
    Location
    North East Coast
    Posts
    2,095
    Thanks
    19
    Thanked 430 Times in 265 Posts

    Funny how they have never singled out a Dev before this JB. On one end they are fighting the JB community and now they are giving props? Too funny.

  7. The Following 3 Users Say Thank You to bigboyz For This Useful Post:

    Jokadaking (2014-11-18), Rcworship (2014-11-18), WHUDS (2014-11-19)

  8. #5
    Quote Originally Posted by bigboyz View Post
    Funny how they have never singled out a Dev before this JB. On one end they are fighting the JB community and now they are giving props? Too funny.
    They've credited the evad3rs before in the past.

  9. The Following 3 Users Say Thank You to Anthony Bouchard For This Useful Post:

    Jokadaking (2014-11-18), lilpetabread (2014-11-19), WHUDS (2014-11-19)

  10. #6
    Quote Originally Posted by bigboyz View Post
    Funny how they have never singled out a Dev before this JB. On one end they are fighting the JB community and now they are giving props? Too funny.
    They have actually. This is just the first time they've mentioned pangu because this is the first time they've ever patched their jailbreak.

  11. #7
    iPhone? More like MyPhone
    Join Date
    Jun 2014
    Location
    US
    Posts
    221
    Thanks
    282
    Thanked 59 Times in 42 Posts

    Default Pangu Jailbreak Team Credited by Apple for Security Improvements in iOS 8.1.1
    I'm really hoping the Pangu team waits until 8.2 or 8.3 for the next jailbreak tool as they are going to be larger updates that will require a few smaller fixes each time. If they release one for 8.1.1 then Apple will fix it by 8.2.

    Edit: 8.2 was just seeded to developers. This would be a good time for Pangu to TEST jailbreak exploits for when 8.3 is seeded to developers. That way all firmware a below 8.3 can be jailbroken and we don't have an issue like we do right now where 8.1 and below are fine but 8.1.1 is not.
    Last edited by TDH Advocate; 2014-11-18 at 10:30 PM.

  12. The Following 2 Users Say Thank You to TDH Advocate For This Useful Post:

    Jahooba (2014-11-19), LeslieBee (2014-11-18)

  13. #8
    Restored my phone last night because my 8.1 was OTA.. Missed the cutoff by a couple hours.. Now I'm here on 8.1.1 like "cool"👍.. Fail

  14. #9
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    48,875
    Thanks
    8,108
    Thanked 17,645 Times in 8,025 Posts

    Quote Originally Posted by EastBayBeast510 View Post
    Restored my phone last night because my 8.1 was OTA.. Missed the cutoff by a couple hours.. Now I'm here on 8.1.1 like "cool"��.. Fail
    They are still signing 8.1 as of right now. You haven't missed the window yet.

  15. #10
    Quote Originally Posted by Simon View Post
    They are still signing 8.1 as of right now. You haven't missed the window yet.
    I restored last night and it automatically uploaded 8.1.1.. Can I restore to 8.1 using dfu mode?

  16. #11
    Livin' the SPIDEY Life SpiderManAPV's Avatar
    Join Date
    Jun 2013
    Location
    Georgia USA
    Posts
    2,197
    Thanks
    1,697
    Thanked 826 Times in 526 Posts

    Quote Originally Posted by EastBayBeast510 View Post
    I restored last night and it automatically uploaded 8.1.1.. Can I restore to 8.1 using dfu mode?
    If they're still signing, yes.

    ......beware......
    Just your friendly neighborhood Spider-Man!

  17. #12
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    48,875
    Thanks
    8,108
    Thanked 17,645 Times in 8,025 Posts

    Quote Originally Posted by EastBayBeast510 View Post
    I restored last night and it automatically uploaded 8.1.1.. Can I restore to 8.1 using dfu mode?
    Yes, as long as Apple is still signing 8.1 you can manually download it and shift/option restore to it in iTunes. I would do it ASAP as Apple could stop signing it at any moment.

  18. The Following 2 Users Say Thank You to Simon For This Useful Post:

    EastBayBeast510 (2014-11-18), Jahooba (2014-11-19)

  19. #13
    Quote Originally Posted by Simon View Post
    Yes, as long as Apple is still signing 8.1 you can manually download it and shift/option restore to it in iTunes. I would do it ASAP as Apple could stop signing it at any moment.
    You're a savior!!

  20. The Following User Says Thank You to EastBayBeast510 For This Useful Post:

    Simon (2014-11-18)

  21. #14
    Livin' the SPIDEY Life SpiderManAPV's Avatar
    Join Date
    Jun 2013
    Location
    Georgia USA
    Posts
    2,197
    Thanks
    1,697
    Thanked 826 Times in 526 Posts

    Quote Originally Posted by EastBayBeast510 View Post
    You're a savior!!
    Shh... Simon doesn't like it when people talk about that in public. Gotta wait for the Antichrist before we make it public like that.

    ......beware......
    Just your friendly neighborhood Spider-Man!

  22. The Following User Says Thank You to SpiderManAPV For This Useful Post:

    Simon (2014-11-18)

  23. #15
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    48,875
    Thanks
    8,108
    Thanked 17,645 Times in 8,025 Posts

    Quote Originally Posted by SpidermanAPV View Post
    Shh... Simon doesn't like it when people talk about that in public. Gotta wait for the Antichrist before we make it public like that.

  24. The Following User Says Thank You to Simon For This Useful Post:

    SpiderManAPV (2014-11-18)

  25. #16
    Quote Originally Posted by Simon View Post
    How will I know if the window is closed? Will it let me know when I restore?

  26. #17
    Superbad Modder-ator Simon's Avatar
    Join Date
    Nov 2007
    Location
    Bermuda
    Posts
    48,875
    Thanks
    8,108
    Thanked 17,645 Times in 8,025 Posts

    Quote Originally Posted by EastBayBeast510 View Post
    How will I know if the window is closed? Will it let me know when I restore?
    You can check this site for signing status: https://ipsw.me/8.1

  27. The Following User Says Thank You to Simon For This Useful Post:

    EastBayBeast510 (2014-11-18)

  28. #18
    Another reason why I keep an Android. I owned every Note series phone and I have yet not be able to root it. Even without rooting Android are customize friendly.

    Another reason why I keep an Android. I owned every Note series phone and I have yet not be able to root it or have Google unroot it with a forced update. Even without rooting Android are customize friendly. Pretty soon apps will require 8.1.1 and above and jailbroken iphones will be forced to update.
    Last edited by Detroitking02; 2014-11-19 at 12:08 AM.

  29. #19
    Livin' the SPIDEY Life SpiderManAPV's Avatar
    Join Date
    Jun 2013
    Location
    Georgia USA
    Posts
    2,197
    Thanks
    1,697
    Thanked 826 Times in 526 Posts

    Quote Originally Posted by Detroitking02 View Post
    Another reason why I keep an Android. I owned every Note series phone and I have yet not be able to root it. Even without rooting Android are customize friendly.

    Another reason why I keep an Android. I owned every Note series phone and I have yet not be able to root it or have Google unroot it with a forced update. Even without rooting Android are customize friendly. Pretty soon apps will require 8.1.1 and above and jailbroken iphones will be forced to update.
    Apps don't change requirements in minor update versions.

    ......beware......
    Just your friendly neighborhood Spider-Man!

  30. The Following User Says Thank You to SpiderManAPV For This Useful Post:

    TDH Advocate (2014-11-19)

  31. #20
    Another reason why I keep an Android. I owned every Note series phone and I have yet not be able to root it or have Google unroot it with a forced update. Even without rooting Android are customize friendly. Pretty soon apps will require 8.1.1 and above and jailbroken iphones will be forced to update to a newer firmware.

Page 1 of 2 12 LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •