The development comes as Apple announced it will distribute special iPhones with root access that are less restrictive than their consumer counterparts to security researchers. This leaves Apple customers in potential danger, because security holes that enable jailbreaking also leave the iPhone wide open for malicious hacking.
Over the weekend a hacker who goes by the name Pwn20wned began refining jailbreaks based on SockPuppet so they support a wider variety of Apple's A processors used in iOS devices.
Jailbreaking - analogous to rooting on Google's Android - is a privilege escalation that allows iOS users to remove software restrictions imposed by Apple, thereby making it possible to bypass the company's walled garden to add apps and other functions, including those from unofficial app stores. That's a big problem for Apple, according to Jonathan Levin, a security researcher who spoke with Motherboard. That said, he also notes that the returning bug may already be exploited for "bad purposes". He reportedly suggested the vulnerability could be used to create spyware that steals user data. Williamson published his iOS 12.2 exploit well after Apple released iOS 12.3, but that exploit code has now been available for hackers to test for several weeks before a patch is available.
"Due to 12.4 being the latest version of iOS now available and the only one which Apple allows upgrading to, for the next couple of days (till 12.4.1 comes out), all devices of this version are jail breakable and vulnerable to what is effectively a 100+ day exploit, a Jonathan Levin, a security researcher was quoted as saying".