Google and Amnesty International discovered a sophisticated #iPhone zero-day #exploit chain used in targeted attacks, which prompted #Apple to release #iOS 16.4.1 to fix the vulnerabilities. The exploit involves manipulating buffers and IPC messages, leveraging various IPC methods, and bypassing #security measures to gain #control over the #system and execute arbitrary #code.

https://googleprojectzero.blogspot.com/2023/10/an-analysis-of-an-in-the-wild-ios-safari-sandbox-escape.htmla