Apple has today released iOS 13.5.1. The update patches the kernel vulnerability that led to the recent unc0ver jailbreak. “iOS 13.5.1 update provides important security updates and is recommended for all users”, says Apple in the update changelog.
According to Apple’s support page, the update is aimed to address the ability of applications to “execute arbitrary code with kernel privileges”. The company says the memory consumption issue was fixed with improved memory handling.
Apple started rolling out the update, Pwn20wnd – one of the developers of the unc0ver team confirmed on Twitter. The update fixes the kernel vulnerability that the team used.
The update comes just a few weeks after the Cupertino giant released iOS 13.5 with Exposure Notification API, improvements for Face ID, and Group FaceTime. Apple fixing the kernel vulnerability doesn’t really come as a surprise. The jailbreak was available on a wide-scale and surfaced just a couple of days after iOS 13.5 got released.
With this update, the widespread excitement of the iOS jailbreaking community got shortlived as they will now have to avoid new software updates to retain the jailbreak, which could potentially make devices vulnerable to new security flaws. While iOS jailbreak enthusiasts might not be happy. It is worth applauding Apple’s efforts to patch such a critical vulnerability within days after it got uncovered.
iOS 13.5.1 and iPadOS 13.5.1
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation. Impact: An application may be able to execute arbitrary code with kernel privileges. A memory consumption issue was addressed with improved memory handling. CVE-2020-9859: unc0ver
The update is available to iPhone 6s and later. You can update your iPhone right now from Settings -> General -> Software Update. Alongside iOS 13.5.1, Apple has also released iPadOS 13.5.1, watchOS 6.2.6, and updates to HomePod and Apple TV.