据巨魔商店公众号发文声称,开发人员在 iOS 中发现了一个新的 CoreTrust 漏洞,未来巨魔(TrollStore)有望添加对 iOS 15.5-16.6 和 17.0 的支持。而有望实现 TrollStore 永久签名的漏洞已在 iOS 16.7 和 iOS 17.0.1 系统被修复,因此后续版本无法利用相关漏洞部署相关应用。
巨魔(TrollStore)是一个永久签名的非越狱 App,允许用户在不越狱的情况下,在 iPhone 上安装未签名的 IPA 文件。据称,苹果在今年 9 月 22 日凌晨发布了 3 个系统,分别为 iOS 16.7 正式版、iOS 17.0.1 正式版和 iPhone 15 专属的 iOS 17.0.2 正式版系统,此更新是为了修复 CVE-2023-41991 漏洞,而 CVE-2023-41991 漏洞就是和 TrollStore 同一个漏洞。
因此,对于想要支持新的 TrollStore 巨魔商店的用户,请继续使用相关 iOS 版本,而 iOS 16.7 和 17.0.1 以上版本“将永远不会被支持(除非苹果第三次搞砸 CoreTrust)”。
新闻翻译:
Title: Apple may support TrollStore IPA software on iOS 15-17
Keywords: Apple, iOS, 15-17, TrollStore, IPA, software
News content:
According to the TrollStore official WeChat account, developers have discovered a new CoreTrust vulnerability in iOS, which may allow TrollStore to add support for iOS 15.5-16.6 and 17.0. In addition, the bug that allows TrollStore to sign permanently has already been fixed in iOS 16.7 and iOS 17.0.1 systems, so it will not be possible to use this bug to deploy related applications in later versions.
TrollStore is a non-越狱 App that allows users to install unsigned IPA files on their iPhone without going through the process of jailbreaking. It has been claimed that Apple released 3 new systems in the middle of this year, namely iOS 16.7, iOS 17.0.1 and the iPhone 15 exclusive iOS 17.0.2, in order to fix the CVE-2023-41991 bug, which is the same as the one TrollStore has.
Therefore, for users who want to support the new TrollStore TrollStore app, please continue to use the relevant iOS version, and the iOS 16.7 and 17.0.1 systems above will not be supported.除非苹果第三次搞砸 CoreTrust。
【来源】https://www.ithome.com/0/723/279.htm
Views: 1