If you looked at Twitter yesterday, you might have noticed a tweet by Twitter user @daeken warning everyone not to update to Switch Firmware 3.0.1 if they want Switch Hax.
https://twitter.com/daeken/status/898101160980037633
This has now been confirmed by more people in the scene, together with a short description of this amazing bug, which in a way was also present on the 3DS up to Firmware 7.0. Funny to see Ninty still making old mistakes.
https://twitter.com/SciresM/status/898205566883028992
https://twitter.com/smealum/status/898206322163802114
Here are the description and successful exploitation result from switchbrew:

| Summary | Description | Successful exploitation result | Fixed in system version | Last system version this flaw was checked for | Timeframe this was discovered | Public disclosure timeframe | Discovered by |
|---|---|---|---|---|---|---|---|
| sm:h, smhax, probably other names (SM:Initialize() not checked) | Prior to 3.0.1, the service manager (“sm”) built-in system module treats a user as though it has full permissions if the user creates a new “sm:” port session but bypasses initialization. In 3.0.1, “sm” returns error code 0x415 if Initialize has not been called yet. | Acquisition, registering, and unregistering of arbitrary services | 3.0.1 | 3.0.1 | April 2017 | August 17, 2017 | Everyone |
As you can see, this was a huge bug which, as described by @hedgeberg, is nearly as good as full kernel control.
https://twitter.com/hedgeberg/status/898219179223986176
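The flaw class described in the switchbrew table is a fail-open default: a session that skipped Initialize was treated as unrestricted instead of being rejected. The following is an added, simplified model of that check, not code from Nintendo, switchbrew or the original post; the struct, function names, service names and the `SM_ERR_DENIED` value are assumptions made for illustration, and only the 0x415 error code comes from the table.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define SM_OK                  0x0u
#define SM_ERR_NOT_INITIALIZED 0x415u  /* error code quoted in the table above */
#define SM_ERR_DENIED          0x1u    /* hypothetical value for this model */

/* Hypothetical session state: the access list is only filled in by Initialize. */
struct sm_session {
    bool initialized;
    const char *allowed[4];   /* services this client may use (constructed names) */
    size_t n_allowed;
};

static bool acl_permits(const struct sm_session *s, const char *name) {
    for (size_t i = 0; i < s->n_allowed; i++)
        if (strcmp(s->allowed[i], name) == 0)
            return true;
    return false;
}

/* Pre-3.0.1 behaviour as the table describes it: a session that never
 * called Initialize is treated as though it has full permissions. */
uint32_t get_service_vulnerable(const struct sm_session *s, const char *name) {
    if (!s->initialized)
        return SM_OK;                      /* fail-open: no identity, no limits */
    return acl_permits(s, name) ? SM_OK : SM_ERR_DENIED;
}

/* 3.0.1 behaviour: every request is refused until Initialize has run. */
uint32_t get_service_fixed(const struct sm_session *s, const char *name) {
    if (!s->initialized)
        return SM_ERR_NOT_INITIALIZED;     /* fail-closed */
    return acl_permits(s, name) ? SM_OK : SM_ERR_DENIED;
}
```

The same review question applies to any service with a handshake step: what does each request handler do when the handshake state is still at its default value?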
So if you haven’t updated your Switch just yet but want to be able to use SwitchHax sooner or later, do NOT update your Switch. If anything new is found out, I’ll post it as soon as I can.
Source: All the Devs mentioned here on Twitter