CommunityNews

CommunityNews

Frustrated dev drops three zero-day vulns affecting Apple iOS 15

Upset with Apple’s handling of its Security Bounty program, a bug researcher has released proof-of-concept exploit code for three zero-day vulnerabilities in Apple’s newly released iOS 15 mobile operating system.

The bug hunter, posting on Thursday to Russia-based IT blog Habr under the name IllusionOfChaos and to Twitter under the same moniker, expressed frustration with Apple’s handling of vulnerability reports.

“I’ve reported four 0-day vulnerabilities this year between March 10 and May 4, as of now three of them are still present in the latest iOS version (15.0) and one was fixed in 14.7, but Apple decided to cover it up and not list it on the security content page,” the researcher wrote.

“When I confronted them, they apologized, assured me it happened due to a processing issue and promised to list it on the security content page of the next update. There were three releases since then and they broke their promise each time.”

Read in full here:

This thread was posted by one of our members via one of our news source trackers.

Most Liked

OvermindDL1

OvermindDL1

Saw this in the news, apple really really screwed up…

Where Next?

Popular Macos topics Top

First poster: bot
New “Report a Problem” link on product pages - News - Apple Developer. The App Store provides a safe and trusted place to discover apps ...
New
First poster: bot
The Apple-Dell deal that could have changed history. It’s been 10 years since the death of Steve Jobs. Michael Dell shares his memories ...
New
New
First poster: iPaul
Hardening macOS. Quick and easy guide for securing macOS systems, for both laymen and security enthusiasts. Last updated for Monterey (1...
New
First poster: bot
Apple intros “extreme” optional protection against the scourge of mercenary spyware.
New
New
New
First poster: bot
An app developer’s lawsuit over App Store rejections, scams and fraud has ended in a settlement agreement after court filings show a requ...
New
First poster: bot
Cupertino accused of “playing with fire” if it buys data storage components from YMTC.
New
First poster: bot
Apple reportedly wants to turn the iPad into a smart display with a new dock. Apple could reveal an iPad docking accessory next year.
New

Other popular topics Top

AstonJ
What chair do you have while working… and why? Is there a ‘best’ type of chair or working position for developers?
New
ohm
Which, if any, games do you play? On what platform? I just bought (and completed) Minecraft Dungeons for my Nintendo Switch. Other than ...
New
PragmaticBookshelf
Design and develop sophisticated 2D games that are as much fun to make as they are to play. From particle effects and pathfinding to soci...
New
AstonJ
poll poll Be sure to check out @Dusty’s article posted here: An Introduction to Alternative Keyboard Layouts It’s one of the best write-...
New
PragmaticBookshelf
Build highly interactive applications without ever leaving Elixir, the way the experts do. Let LiveView take care of performance, scalabi...
New
New
AstonJ
Was just curious to see if any were around, found this one: I got 51/100: Not sure if it was meant to buy I am sure at times the b...
New
PragmaticBookshelf
Author Spotlight: Karl Stolley @karlstolley Logic! Rhetoric! Prag! Wow, what a combination. In this spotlight, we sit down with Karl ...
New
DevotionGeo
I have always used antique keyboards like Cherry MX 1800 or Cherry MX 8100 and almost always have modified the switches in some way, like...
New
AnfaengerAlex
Hello, I’m a beginner in Android development and I’m facing an issue with my project setup. In my build.gradle.kts file, I have the foll...
New