author photo
By Clare O’Gara
Tue | Aug 20, 2019 | 2:34 PM PDT

In the world of cybersecurity patches, No Take-Backs is probably a good rule of thumb.

Unfortunately, Apple went against that logic with iOS 12.4.

The update undid a patch established in iOS 12.3, and now it's letting hackers release a jailbreak exploit.

ZDNet covered the story and offered advice for both iOS 12.2 and 12.4 users:

"That bug was discovered by Ned Williamson, a Google security engineer who works with Google Project Zero. Apple patched the issue in iOS 12.3 on May 13 and two months later Williamson published an exploit for iOS 12.2 – dubbed SockPuppet – using the bug.

Apple then released iOS 12.4 on July 22 with fixes for several zero-click vulnerabilities also found by Google Project Zero, minus the one Williamson reported. 

People using iOS 12.4 or iOS 12.2 and below should be careful with what they download from the App Store in coming weeks because an app could include the jailbreak," according to security researcher Stefan Esser.