No Jailbreak Required, Developer Exploits Apple iOS 16 Vulnerability to Modify System

The palera1n team launched a jailbreak tool for iOS 16 in the middle of this month. Jailbreaking removes software restrictions on iOS devices so that users can access and modify system files for various custom modifications and app sideloading, among other features. And now a developer has managed to exploit a vulnerability found in iOS 16 to change the default fonts on iOS without the need for a jailbreak.

Developer Zhuowei Zhang shared the GitHub project, which he calls a “proof-of-concept app,” on his Twitter account, saying that the app uses the CVE-2022-46689 vulnerability to override the default iOS fonts so that users can customize the system’s appearance using a font other than the default (San Francisco).

iOS 16.1.2 and earlier versions are affected by the CVE-2022-46689 vulnerability, which essentially allows apps to execute arbitrary code with kernel privileges. The vulnerability has been fixed in iOS 16.2, and the new version also fixes a number of other security vulnerabilities found in previous versions of iOS.

Because iOS has its own font format, developers experimented with only a few fonts, including DejaVu Sans Condensed, Serif, Mono, and Choco Cooky.

Zhang says the modifications are theoretically safe for everyone, because they will be undone after a device reboot. Nonetheless, the developers recommend that users make a backup before changing the default system fonts.

While the app created by Zhang does not require a jailbreak, installing it on an iPhone or iPad may not be easy. This is because you will need to compile the Xcode project yourself or manually sign the IPA file with a developer certificate to install it on your device.
