A fully functional kernel exploit called zIVA that affects all iOS devices running 10.3.1 and earlier versions has been publicly released by a security researcher. The exploit targets eight vulnerabilities, one of which affects the iOSurface kernel extension, while seven others affect the AppleAVE Driver kernel extensions. The exploit also allows hackers root access to Apple devices.
Fortunately, Apple already issued a patch for the exploit in its May security update. Apple reportedly requested that Adam Donenfeld, the man who researched the vulnerabilities and released zIVA, delay his publication of the exploit code to give users enough time to upgrade their devices.
"The issues are severe and could lead to a full device compromise. The vulnerabilities ultimately lead to an attacker with initial code execution to fully control any iOS device on the market prior to version 10.3.2," Donenfeld said in a blog. "Fortunately, we responsibly disclosed these bugs to Apple and a proper fix was coordinated. iOS users that update their device to the latest iOS version should be protected."
Last week, a researcher leaked the decryption key to Apple's Secure Enclave, substantially affecting iOS security. However, unlike the zIVA iOS kernel, Apple doesn't plan to issue a patch for the Apple SEP decryption key. The vulnerabilities indicate that Apple's security may not be as fool-proof as previously thought.
To find out more about the iOS kernel exploit, click here.