Apple 'still investigating' three unpatched security flaws in iOS 15

Apple 'still investigating' three unpatched security flaws in iOS 15

In early September, security researcher Denis Tokarev wrote a blog post in which he complained about some interactions with Apple's bug bounty program. The incident originated from four security vulnerabilities submitted to Apple through the Bug Nounty Program. However, after waiting for a long time, he found that only one had been fixed. The latest news is that Apple has responded to the matter, claiming that it is "still investigating" the relevant issues.

[[426391]]

Tokarev told Motherboard that three other vulnerabilities were not fixed in the earlier iOS 15 update. Now, Apple has apologized for the delay in communication and added that the company is investigating the issues.

We have seen your blog post and other reports of this issue and apologize for the late response. We want to let you know that we are still investigating these issues and how we are fixing them to protect customers.

Thanks again for taking the time to report these issues to us, and please let us know if we can help you in any way.

However, aside from the three buildings that Apple is still fixing, Tokarev said he was not credited for reporting the fixed vulnerability.

It is reported that the three unpatched vulnerabilities include a flaw that may cause the App Store application to read certain data including Apple ID, email address, contact list, etc.

However, Tokarev also admitted that the three vulnerabilities he reported between March 10 and May 4, 2021 were not that serious, so it is understandable to a certain extent that Apple did not give them such a high priority.

Finally, despite Apple's claim that its bug bounty program has been "hugely successful," at least one cybersecurity expert told Motherboard that Apple's handling of this situation is somewhat unusual.

Another said that it wasn't until the media exposed the loopholes in the repair department that Apple took the time to respond to Tokarev's questions.

<<:  WeChat cloud storage charges kill three birds with one stone, but it is "going against the trend"

>>:  WeChat iOS version updated! Voice calls can display the other party's Moments updates

Recommend

How to get the approval of senior management for SEO implementation plan?

As an SEO for a large company, the most difficult...

Is "Shake" the peacemaker between TV and the Internet?

The 2015 Lunar New Year was a little later than u...

Is MLC better than TLC? What exactly are flash memory particles?

If one word is used to describe the SSD market in...

Methodology! How operators can take advantage of hot topics to plan events!

The operations department plans activities based ...

Why is short video promotion and marketing so popular? How to play?

Driven by the trends of video mobility, informati...

How much does it cost to rent a game server per month?

How much does a game server cost per month? How m...

Tencent QQ Android beta version 8.8.35 has been upgraded to 64-bit version

On October 15, according to netizens' feedbac...

What is the core of the brand breakthrough strategy of the To B industry?

The influence of brands has been weak for a long ...

Record an APP transfer process

Due to business needs, you need to transfer the d...

[Case] ​​How did her community achieve 40 million users in a year?

In the past six months, many mobile community app...

Important reminder! Regarding travel during the National Day holiday!

The National Day holiday is approaching, and the ...