Apple 'still investigating' three unpatched security flaws in iOS 15

Apple 'still investigating' three unpatched security flaws in iOS 15

In early September, security researcher Denis Tokarev wrote a blog post in which he complained about some interactions with Apple's bug bounty program. The incident originated from four security vulnerabilities submitted to Apple through the Bug Nounty Program. However, after waiting for a long time, he found that only one had been fixed. The latest news is that Apple has responded to the matter, claiming that it is "still investigating" the relevant issues.

[[426391]]

Tokarev told Motherboard that three other vulnerabilities were not fixed in the earlier iOS 15 update. Now, Apple has apologized for the delay in communication and added that the company is investigating the issues.

We have seen your blog post and other reports of this issue and apologize for the late response. We want to let you know that we are still investigating these issues and how we are fixing them to protect customers.

Thanks again for taking the time to report these issues to us, and please let us know if we can help you in any way.

However, aside from the three buildings that Apple is still fixing, Tokarev said he was not credited for reporting the fixed vulnerability.

It is reported that the three unpatched vulnerabilities include a flaw that may cause the App Store application to read certain data including Apple ID, email address, contact list, etc.

However, Tokarev also admitted that the three vulnerabilities he reported between March 10 and May 4, 2021 were not that serious, so it is understandable to a certain extent that Apple did not give them such a high priority.

Finally, despite Apple's claim that its bug bounty program has been "hugely successful," at least one cybersecurity expert told Motherboard that Apple's handling of this situation is somewhat unusual.

Another said that it wasn't until the media exposed the loopholes in the repair department that Apple took the time to respond to Tokarev's questions.

<<:  WeChat cloud storage charges kill three birds with one stone, but it is "going against the trend"

>>:  WeChat iOS version updated! Voice calls can display the other party's Moments updates

Recommend

GlobalData: VR industry market size is expected to reach US$51 billion in 2030

The statistics platform GlobalData released its l...

Is it always fun to be on vacation? Not necessarily!

The May Day holiday is coming to an end in the bl...

User growth fission guide!

Fission is a standard feature for user growth and...

Teach you to write a super simple swoole chat room in five minutes

I was originally planning to continue writing my ...

Don’t buy this kind of balloon! Why?

Audit expert: Zhou Hongzhi Senior Experimentalist...

Which one is better, negative keywords or exact negative keywords?

Through the search term report, we can see whethe...

This is a "big event" that has been planned since the 80s...

A drop of water can reveal the vast ocean. Only b...

They are both dogs, so why are Huskies so stupid?

Hello, this is Science Popularization China. Toda...

A good place to drink tea in the three towns of Wuhan

Wuhan Tea Tasting Contact Information I strongly ...

How much does it cost to be an agent for a food mini app in Hohhot?

What is the price of being an agent of Hohhot Foo...

Douyin recommendation review mechanism, see here!

The number of monthly active users of Douyin worl...

Jixi SEO training: skills needed for high-quality pseudo-original articles

1. Incorporate other people’s perspectives High-q...