Illustration by Alex Castro / The Verge
Apple pushed out a software update today to repair a problem that it had previously patched — and then somehow unpatched. Update 12.4.1 introduces a fix for a vulnerability in which, according to Apple, “a malicious application may be able to execute arbitrary code with system privileges” — a fix that was originally introduced back in May, and removed in June.
Here’s what happened: The patch was originally issued on May 13th via iOS 12.3 to safeguard Apple mobile devices (iPhone 5S and later, iPad Air and later, and the sixth-generation iPod touch) from a vulnerability which could open them to jailbreaking. All good — until a new update, iOS 12.4, inadvertently undid the patch and once again made the devices susceptible to the attack,…