BrickFix can save you from the iMessage bug that could crash your iPhone
Google’s Project Zero is a nice (as well as scary, depending on the perspective) initiative from the Mountain View giant to find and disclose zero-day vulnerabilities inside various products and services, including non-Google ones.
Yesterday, the team literally dropped a bomb by disclosing all the details of a critical security flaw in Apple’s iMessage. Using a specially crafted message, one can easily crash the operating system.
In case of Macs, the impact is quite minimal (“soagent to crash and respawn”), but iPhone users are the one who could be affected. The exploit will eventually trigger an infinite crash-and-restart loop to the Springboard, i.e. the home screen of your phone or iPad.
Fortunately the bug (CVE-2019-8573 and CVE-2019-8664) has already been patched by Apple in the iOS 12.3 update. However, a huge chunk of iPhone and iPad users prefer to stay on older firmware, especially the jailbreak community. What about them?
There are few known tricks to get out of the crash or bootloop, as documented by Natalie Silvanovich of Google Project Zero:
For testing purposes, there are three ways that I found to unbrick the device:
1) wipe the device with ‘Find my iPhone’
2) put the device in recovery mode and update via iTunes (note that this will force an update to the latest version)
3) remove the SIM card and go out of Wifi range and wipe the device in the menu
However, none of them are feasible in the context of keeping your data or staying on the preferred (older) firmware version.
The source code of the tweak is open, and anyone can review it by taking a look at the GitHub repo. As there is no public exploit to achieve jailbreak from iOS 12.1.3 and beyond, having this fix is nothing but a godsend for the modding community.
PiunikaWeb is a unique initiative that mainly focuses on investigative journalism. This means we do a lot of hard work to come up with news stories that are either ‘exclusive,’ ‘breaking,’ or ‘curated’ in nature. Perhaps that’s the reason our work has been picked by the likes of Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors, and more. Do take a tour of our website to get a feel of our work. And if you like what we do, stay connected with us on Twitter (@PiunikaWeb) and other social media channels to receive timely updates on stories we publish.