Apple has just issued iOS 6.1.3 (build 10B329), an incremental update to its mobile operating system powering iPhones, iPads and iPods. This particular update brings fixes to the widely reported Lock screen vulnerability, first discovered a month ago, which lets people with access to your iPhone, iPad or iPod touch to easily bypass your passcode and get to your personal information on the device.
Today’s firmware also contains Maps improvements for Japan. If you’re jailbroken, you’ll want to stay away from this update until we collect more information…
According to release notes accompanying the 18.2MB download, this update contains the following improvements and bug fixes:
• Fixes a bug that could allow someone to bypass the passcode and access the Phone app
• Improvements to Maps in Japan
You’ll recall that Apple earlier this month has delivered a bunch of much-needed fixes and improvements for its iOS Maps application in Japan via an over-the-air update to non-iOS 6.1.3-beta devices.
To apply this update, go to General > Software Update in your iOS Settings or connect your device to iTunes.
The previous update, iOS 6.1.2, fixed an Exchange calendar bug that could result in increased network activity and reduced battery life.
It was fun while it lasted, but it appears that Apple has finally put an end to evasi0n. Earlier today, the company released iOS 6.1.3 to the masses, and as expected, it contains patches for multiple exploits used in the popular iOS 6.x jailbreak.
MuscleNerd confirmed our fears on Twitter just a few moments ago, pointing out that Apple has credited the evad3rs with the discovery of 4 of the 6 security flaws that were patched in today’s update. So jailbreakers should stay far away…
Here’s one of the exploits mentioned in the security briefing:
Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to determine the address of structures in the kernel Description: An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context. CVE-ID CVE-2013-0978 : evad3rs
Remember, as planetbeing explained in an interview last month, the evasi0n jailbreak relies on a number of exploits. So it’s not clear what this means exactly for the jailbreak community in the near future. But we’re guessing it’s not good news.
As for the distant future, though, the evad3rs have said that they still have several ‘major’ exploits in reserve, outside of what evasi0n used, so rest assured that we will see another jailbreak come around again. We’re just not sure when.
The evasi0n jailbreak tool was created by the evad3rs team—made up of MuscleNerd,pod2g, planetbeing, and pimskeks. It landed on February 4 of this year, and withstood two iOS software updates.
Apple yesterday let iOS 6.1.3 out of the gate, fixing the widely reported Lock screen vulnerability. As you’re probably aware, the glitch was first detailed a month ago and lets people with access to your iPhone, iPad or iPod touch easily bypass your passcode and mess with your private data on the device. But as is often the case, new software releases fix old bugs and introduce new ones to be squashed in the future.
A report Wednesday claims an all-new Lock screen vulnerability has been discovered in iOS 6.1.3, one making it easy to – you guessed right – bypass one’s passcode and gain access to an unsuspecting user’s contacts and photos kept on the device. Luckily, this one can be avoided easily by disabling the Voice Dial feature…