To curtail bad press, Apple apologized to the frustrated cyber security researcher Denis Tokarev aka @
Zero-day exploits in iOS have received a lot of attention, recently, after Amnesty International published a new database of the victims attacked by Pegasus spyware. Developed by Israeli-based company NSO, Pegasus uses these zero-day vulnerabilities which do not require any action from the victims to take control of the latest iPhones, simply by sending a text message. Subsequent reports have questioned Apple’s iPhone security and the company’s will to prevent such attacks.
Apple apologies for ignoring three zero-day flaws in iOS 15 and quietly fixes them
In his disclosure blog post, Tokarev mentions that Apple has apologized to him for the delay and said it is investigating the matter “exactly 24 hours after this publication I finally received a reply from Apple.”
We apologize for the delay in responding to you,” an Apple employee wrote. “We want to let you know that we are still investigating these issues and how we can address them to protect customers. Thank you again for taking the time to report these issues to us, we appreciate your assistance. Please let us know if you have any questions.”
However, it is not the first time the tech giant has apologized to the researcher.
When I confronted them, they apologized, assured me it happened due to a processing issue and promised to list it on the security content page of the next update. There were three releases since then and they broke their promise each time.
Ten days ago I asked for an explanation and warned then that I would make my research public if I don’t receive an explanation. My request was ignored so I’m doing what I said I would. My actions are in accordance with responsible disclosure guidelines (Google Project Zero discloses vulnerabilities in 90 days after reporting them to vendor, ZDI – in 120). I have waited much longer, up to half a year in one case.
Having said that, a jailbreak developer told Tokarev that Apple has released a fix for all three 0-days, which was done in one day after I have disclosed them. But he has not confirmed the claim.
- 5 tips to fix Wi-Fi issues on iOS 15
- 4 tips to fix Bluetooth issues on iOS 15
- How to stop photos from Messages appearing in Shared with You in iOS 15
- Here are easy fixes to common iOS 15 issues and problems
- On iOS 15, AirPod Pro owners can not use Siri to control Active Noise Cancellation and Transparency features