iOS 10.3.1 Kernel Exploit May Allow Downgrading to iOS 10.2

Adam Donenfeld, the security researcher who has been credited for 8 exploits that were fixed in iOS 10.3.2 released earlier in the week, plans to release the exploits at a security conference in August.

His tweets initially sparked off rumors of the much awaited iOS 10.3.1 jailbreak, but Donenfeld was quick to clarify that he doesn’t plan to release a jailbreak, however, he would be happy to help someone who is interested in developing a jailbreak.

Luca Todesco, well-known hacker and developer of the Yalu Jailbreak, which can be used to jailbreak iOS 10.2 – iOS 10, has highlighted in a tweet that the iOS 10.3.1 kernel exploit alone may not be enough to develop a jailbreak. However, he goes on to point out that it may be possible to downgrade to iOS 10.2 if you’ve saved iOS 10.2 blobs, which indirectly means that you will be able to jailbreak your iPhone, iPad or iPod touch as iOS 10.2 can be jailbroken using Yalu Jailbreak.

The kernel protection bypass for i7 is workable on 10.1.1, and is perfectly stable. The issue was in mach_portal; better bugs can fix it.

— qwertyoruiop (@qwertyoruiopz) May 22, 2017

You can save SHSH blobs using tsssaver, which can then be used by tools like Prometheus to downgrade to an unsigned iOS firmware version. Unfortunately, if you haven’t saved the SHSH blobs for iOS 10.2, then it won’t be possible to save it now as Apple has stopped signing iOS 10.2. However, it is a good idea to save iOS 10.3.1 SHSH blobs as Apple is still signing iOS 10.3.1 if you haven’t done so already.

Share this post