The Checkm8 exploit, described by the security researcher who published it as "a permanent unpatchable bootrom exploit" might be good news for the jailbreaking community who can use it to unlock devices, but it's not so good for those worried about keeping their iPhones and iPads secure.
The scope of this exploit is huge.
The exploit affects all iOS devices running on A5 to A11 chipsets. These chips were shipped in iPhones and iPads released between 2011 and 2017, and spanning eight generations of devices, from iPhone 4S to iPhone 8 and X.
This is an unpatchable exploit because, as opposed to a software bug that can be updated, this vulnerability is baked into the chipset.
It's right inside the hardware.
So, what can you do to protect yourself or your company?
The only comfort for affected iPhone and iPad owners here is that this exploit requires physical access to the device and can only be triggered over USB, and it cannot be executed remotely. For the average user, this probably downgrades the severity of this vulnerability, but it will be of little comfort to companies who have hundreds, or even thousands of iPhones and iPads deployed.
Endpoint software will also likely be useful in spotting compromised devices, but there are gaps in that sort of security (for example, it still leaves the data on the device vulnerable).
The other option is to buy new hardware.
For the average user, this exploit is nothing to worry about, but for enterprise users it is likely to be a headache that will hang around until the old iPhones and iPads are replaced with new iPhones and iPads.
- iOS 13: New features you might have missed
- iOS 13 battery life bad? Top tips to fix battery drain issues
- Study shows that majority of second-hand hard drives contain previous owner's data
- Must-have productivity apps and accessories for the iPad Pro
- Best iOS apps (September 2019 edition)
- Does the iPhone 11 have a hidden feature waiting to be activated?
- When is Android 10 coming to my phone?
- iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max: What are the differences?