
Apple Credits Evad3rs Jailbreak Team for Some iOS 6.1.3 Security Fixes
Earlier today, Apple released iOS 6.1.3 to address the passcode lockscreen bypass bug, along with some map fixes for Japan. Part of the update includes numerous security fixes, which Apple has credited four of them to the Evad3rs jailbreak team, as noted by @MuscleNerd:
Apple gives hat tip to @evad3rs for 4 of the 6 security fixes in 6.1.3 🙂 is.gd/nfspim
— MuscleNerd (@MuscleNerd) 19. März 2013
Apple also released an Apple TV 5.2.1 update today that also included the same 3 of 4 security fixes credited to the evad3rs. These include fixing exploits where:
- A local user may be able to execute unsigned code
- A local user may be able to determine the address of structures in the kernel
- A local user may be able to execute arbitrary code in the kernel
In the description of these security fixes, credit is noted to the evad3rs at the bottom:
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.
CVE-ID
CVE-2013-0977 : evad3rs
If your device is on the evasi0n jailbreak, do not update to iOS 6.1.3 as that will remove your jailbreak.