{"title":"Security vulnerabilities in Javascript hotpatching in iOS with a commercial and open-source tool","authors":"S. Ford, Aspen Olmsted","doi":"10.23919/I-SOCIETY.2017.8354682","DOIUrl":null,"url":null,"abstract":"The need for developers to be able to update mobile apps immediately on discovery of a critical is something the Apple iOS software patching system does not allow through their traditional app patching lifecycle. Two tools have been developed to solve this problem, one commercial and one open-source. Both employ JavaScript and dynamic code downloads and provide a method for users to receive immediate updates, but both have the potential to be abused and open the user to multiple security vulnerabilities. This paper will discuss the how tools JSPatch and Rollout.io, open-source and commercial respectively, enable quick updates but also expose users to multiple security vulnerabilities.","PeriodicalId":285075,"journal":{"name":"2017 International Conference on Information Society (i-Society)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Information Society (i-Society)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/I-SOCIETY.2017.8354682","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
The need for developers to be able to update mobile apps immediately on discovery of a critical is something the Apple iOS software patching system does not allow through its traditional app patching lifecycle. Two tools have been developed to solve this problem, one commercial and one open-source. Both employ JavaScript and dynamic code downloads and provide a method for users to receive immediate updates, but both have the potential to be abused and open the user to multiple security vulnerabilities. This paper will discuss how the tools JSPatch and Rollout.io, open-source and commercial respectively, enable quick updates but also expose users to multiple security vulnerabilities.