Apple iOS 17.6 official release: fixes vulnerabilities to improve security
iPadOS 17.6 still supports jailbreaking on some models in the following devices that can be upgraded to the iPadOS 17 system will workPalera1n Jailbreak
Palera1n supported models
| iPhone | iPad | iPod (loanword) | Apple TV |
|---|---|---|---|
| iPhone 6s | iPad mini 4 | iPod Touch (7th generation) | Apple TV HD |
| iPhone 6s Plus | iPad (5th generation) | Apple TV 4K (first generation) | |
| iPhone SE (2016) | iPad (6th generation) | ||
| iPhone 7 | iPad (7th generation) | ||
| iPhone 7 Plus | iPad Pro (9.7-inch) | ||
| iPhone 8 | iPad Pro (12.9-inch) (first generation) | ||
| iPhone 8 Plus | iPad Pro (10.5-inch) | ||
| iPhone X | iPad Pro (12.9-inch) (2nd generation) | ||
| iPad Air 2 |
Apple has recently released iOS 17.6 and iPadOS 17.6, providing important security updates for a range of devices. The update applies to the iPhone XS and later models, as well as multiple versions of the iPad Pro, iPad Air, iPad and iPad mini. Here are some of the key issues fixed by this update:
1. AppleMobileFileIntegrity
affect (usually adversely): Apps may bypass privacy preferences.
descriptive: Added code signature restrictions to address degradation issues.
CVE-2024-40774: Found by Mickey Jin.
2. CoreGraphics
affect (usually adversely): Handling of malicious files may cause the application to terminate abnormally.
descriptive: The out-of-bounds read problem was solved by improving input validation.
CVE-2024-40799: Reported by D4m0n.
3. CoreMedia
affect (usually adversely): Processing a malicious video file may cause the application to terminate abnormally.
descriptive: The out-of-bounds write problem was solved by improving input validation.
CVE-2024-27873: Reported by Amir Bazine and Karsten König.
4. dyld
affect (usually adversely): A malicious attacker may bypass pointer authentication.
descriptive: The problem of competing conditions is solved by adding validation.
CVE-2024-40815: Reported by w0wbox.
5. Family Sharing
affect (usually adversely): Applications may read sensitive location information.
descriptive: Problem solved by improved data protection.
CVE-2024-40795: Reported by Csaba Fitzl.
In addition, the update fixes vulnerabilities involving several components such as ImageIO, Kernel, libxpc, Phone, Photos Storage, Sandbox, Shortcuts, Siri, VoiceOver, and WebKit. These fixes are designed to enhance system stability and security against potential attacks and data leaks.
The iOS 17.6 update is an important step in Apple's ongoing commitment to improving user data security and privacy protection. Users can update via the General option in the Settings app on their device.
