Ian Beer, a researcher at Google’s security team Project Zero, has released an exploit for iOS and macOS. In his own words, he wants to make research possible and ultimately improve the security of the operating systems.
Bear announced the release via Twitter and wrote that with it it is possible to get tfp0 on all 64bit devices. That stands for ‘task for pid 0’, which gives access to the kernel’s memory. Although the exploit, for which Apple has now released a patch, is a starting point, it cannot be used directly as a jailbreak. The method only works on iOS 11.1.2 and below, Beer said. The researcher has published the code on Project Zero’s bug tracker.
Google explains to Motherboard that with the release, Beer wants to enable research into the security of iOS without people having to write their own exploit. Ultimately, this should lead to researchers finding more vulnerabilities and reporting them to Apple, the company said. Motherboard writes that other iOS researchers have since said that the possibility exists that Beer’s method can be converted into a full jailbreak.
Google’s Project Zero more often finds vulnerabilities in products from other manufacturers and developers. However, it is not often that it also publishes an exploit.