Apple Zero-Day Flaw on iOS 15.0.2 Finder Reveals Company Fails to Credit Him

Apple zero-day security flaw on iOS 15.0.2’s finder is now saying that the Cupertino tech giant released a fix for it without giving him the credit.

apple zero day flaw ios 15.0.2 finder, apple zero day flaw, apple failed to credit, apple, ios 15

(Photo : by Feline Lim/Getty Images)
SINGAPORE, SINGAPORE – SEPTEMBER 24: An Apple logo is seen on the ground as people wait in line to purchase newly released products at the Apple Store at Orchard Road on September 24, 2021 in Singapore. Apple announced September 14 the release of four variants of its latest iPhone 13, alongside other upgrades to its product lineup.

As per Bleeping Computer’s latest report, the iPhone maker quietly rolled out an update that fixed the zero-day security flaw hiding beneath the iOS 15.0.2 that hackers could infiltrate last Monday, Oct. 11.

A software developer that goes by the name Denis Tokarev found out about the zero-day vulnerability on Apple’s iOS 15.0.2 even seven months before the software was released to the stable channel.

Apple Zero-Day Flaw on iOS 15.0.2

The zero-day security flaw that Tokarev discovered could allow the apps that iOS 15 users installed through the official app marketplace of the Cupertino giant, the Apple App Store, to access users’ sensitive data.

The bug exploits any protection that the iPhone maker put in place, such as consent and control protections, as well as transparency or sandboxing.

According to TomsGuide, the flaw known as the CVE-2021-30883 vulnerability specifically corrupts the memory in the IOMobileFrameBuffer, allowing third-party apps to execute commands on the devices without any prior permission.

The outlet further noted that bugs such as this do not only expose the sensitive data of vulnerable devices, it also allows attackers to stuff in some malware.

It is to note that Apple also released a fix for the said flaw for the iPadOS 15.0.2.

Apple Zero-Day Flaw Finder Failed To Be Credited

Apple Insider further reported that Tokarev went on to contact Apple after learning that the company already released a fix for the critical security flaw that he discovered. The software developer asked the tech giant about the missing credit to him.

As such, Apple responded to his inquiry, asking the flaw finder to keep the email thread confidential.

Bleeping Computer said in the same report that the Cupertino giant vowed to issue the credit in the upcoming security updates. What’s more, the tech giant offered to “apologize for the inconvenience.”

Apple Security Flaws and Denis Tokarev

Tokarev also disclosed that he has already reported a total of four security flaws to the iPhone maker.

As of writing, Apple has only released a security patch for two out of four, including one in iOS 14.7 and the latest from iOS 15.0.2.

On the other hand, the other two zero-day vulnerabilities have yet to be fixed by the Cupertino behemoth, telling the software developer that it was “still investigating.”

Written by Teejay Boris

News Related

OTHER NEWS

Paytm gets Sebi nod for mega Rs 16,600-crore IPO

New Delhi, Digital financial services firm Paytm has received market regulator Sebi’s approval for its Rs 16,600 crore initial public offer, a source involved in the process said on Friday. ... Read more »

EU's £80bn project in crisis after banning UK as bloc tipped to struggle financially

Horizon Europe is the EU’s key funding programme for research and innovation. The EU has banned the UK from involvement in the project until it resolves its deepening row over ... Read more »

Porous funding policy sees students falling through the cracks

© Provided by Eyewitness News JOHANNESBURG – A storm is brewing at many institutions of higher learning over the N+2 policy of the National Student Financial Aid Scheme (NSFAS). Under ... Read more »

Oppo may launch its first foldable phone in November 2021: Reports

Oppo is working on its first foldable phone and it is expected to launch it in November 2021, reports GSMArena. Some of the key specs have been revealed in the ... Read more »

Dorries pledges online safety reforms following killing of Sir David Amess

© PA Wire Regional cabinet meeting – Bristol Online hate has “poisoned public life”, the Culture Secretary has said, as she pledged to bring in sweeping reforms in memory of ... Read more »

Apps to help you drive greener: Google Maps introduces 'eco-friendly routing' that will lower you carbon footprint - but make journeys LONGER

© Provided by This Is Money MailOnline logo Motorists will be helped to drive more economically thanks to new technology that will be available in Britain next year. The first ... Read more »

Economic recovery must prioritise our climate - Melinda Matthews-Clarkson

On one hand, the task seems too great. Environmental commentators paint bleak pictures of a world that is already on its knees from carbon emissions that are not slowing at ... Read more »

Who will pay for Net Zero Strategy? How green dreams fall on your shoulders - and wallet

Boris Johnson has finally unveiled his strategy for the UK to reach net zero carbon emissions by 2050. The blueprint to make Britain green lays bare how averting climate disaster ... Read more »

iQOO India reveals Android 12 beta update roadmap for its phones

© Provided by The Indian Express iQOO is the latest smartphone brand to announce its Android 12 beta update timeline. The news comes just days after Vivo revealed the Android ... Read more »

Manipur friends start crowdfunding drive to build phone keyboard to type Tangkhul language

© Provided by The Print New Delhi: A group of seven friends in Manipur has started a crowdfunding drive to build a virtual keyboard that will allow typing in the ... Read more »

Apple’s new App Store rules give more options to developers

Apple has officially changed its rules to allow app developers to highlight alternative purchasing options outside apps, and also to communicate more directly with customers. This upgrade was done two ... Read more »

Happy Karwa Chauth 2021: You can gift THESE tech gadgets to your spouse

© Provided by Zee News New Delhi: Karwa Chauth 2021 is only a few months away. It is an age-old Hindu practice in which married Hindu women fast and pray ... Read more »

Blackpool Illuminations: Meet the mastermind behind the seaside resort’s world-famous light display

Blackpool’s world famous Illuminations have been lighting up the seaside town’s promenade during wintertime since 1879. And while Richard Williams doesn’t go back quite that far, he has been working ... Read more »

Redmi Note 11, Note 11 Pro & Redmi Note 11 Pro+ Prices, Specs Leaked: All Details

© Provided by News18 Redmi Note 11, Note 11 Pro & Redmi Note 11 Pro+ Prices, Specs Leaked: All Details Xiaomi’s Redmi Note 11, Note 11 Pro, and Redmi Note ... Read more »

Alder Lake is the high-performance hybrid Formula 1 racing car we have built for computing: Intel

© Provided by The Financial Express Prakash Mallya, VP and MD-Sales, Marketing and Communications Group, Intel India Intel’s Alder Lake processors are coming soon with rumour-mills hinting at a November ... Read more »

Google blocked 1.6 million phishing emails since May 2021

Tech giantGoogle has blocked 1.6 million phishing emails Since May 2021, which were part of a malware campaign aimed at stealing YouTube accounts and promoting cryptocurrency schemes.According to Google’s Threat ... Read more »

Jio Platforms' consolidated net profit jumps 23.5% to Rs 3,728 crore

Jio Platforms on Friday posted a 23.48 per cent jump in consolidated net profit to Rs 3,728 crore for the second quarter ended September 30, the company’s parent firm Reliance ... Read more »

5 best premium phones to buy this Diwali: iPhone 13 if you can find it, OnePlus 9 Pro if you want value

Most smartphone buyers go for the pocket-friendly options available in the market for their personal needs. Why not? After all, budget smartphones today are equipped with almost all the features ... Read more »

Deals of the day in Amazon sale: Apple iPad, Samsung smartphone, Lenovo laptop and more

Amazon’s month-long sale is offering deals and discounts. It’s ‘Extra Happiness Days’ on Amazon now as part of the sale. The e-tailor has partnered with IndusInd Bank, Axis Bank and ... Read more »

Niti VC urges Tesla to make electric cars in India

Niti Aayog Vice Chairman Rajiv Kumar on Thursday urged US-based Tesla to manufacture its iconic electric vehicles in India, while assuring the company that it will get the tax benefits ... Read more »

PhonePe starts charging processing fee on UPI transactions for mobile recharges

Walmart group’s digital payments firm PhonePe has started charging processing fees in the range of Re 1 to Rs 2 per transaction for mobile recharges done for value above Rs ... Read more »

Amazon sale: Power banks, earphones, cables and other mobile accessories available at up to 78% off

Amazon Great Indian Festival sale is on. If you are looking to buy a power bank, wireless earphones, cables or other mobile accessories, then here are options that you can ... Read more »

Centre in HC defends IT rule requiring WhatsApp to trace originator of message

New Delhi, The Centre has defended in the Delhi High Court the legal validity of its new IT rule requiring messaging apps, such as WhatsApp, to “trace” the first originator ... Read more »

Apple TV 4K (2021) review: Picture perfect

critic rating4 Top Features Impressive performance Picture quality Remote gets better When you think of streaming devices, Apple perhaps isn’t part of the mainstream conversation. One of the reasons is ... Read more »

Happy Karwa Chauth 2021: 5 tech gadgets that you can gift your wife

Karwa Chauth 2021 is right around the corner. It is the age-old tradition wherein married Hindu women observe a fast and pray for their husband’s well being. It is celebrated ... Read more »

Apple MacBook Air 2022 launch date, features leaked; check details here

© Provided by Zee News New Delhi: Apple had its ‘Unleashed’ event earlier this week, during which it unveiled two new MacBook Pro models, as well as next-generation AirPods and ... Read more »

The honest green guide: what ‘net zero’ will really cost you

© Provided by The Telegraph The Government proposals will change everything from the way we heat our homes to the food we eat, the holidays we take and how we ... Read more »

Smartphone Pinkie: Holding Your Smartphone For Long Hours Could be Bad

Smartphone pinkie has been a controversial topic earlier this week when one user tweeted about its dangers. If you are holding your smartphone using your pinky finger, you might want ... Read more »

CEMEX Ventures and Taronga Ventures Invest in Startup Looking to Ease Global Logistics Challenges

CEMEX, S.A.B. de C.V. (“CEMEX”), its subsidiary CEMEX Ventures and Taronga Ventures announced today their investment in Voyage Control, a UK-based startup that offers a digital platform to help construction ... Read more »

Why Elon Musk may be ‘sleep-deprived’ and in need of a break

Elon Musk has talked about stepping down from Tesla for a couple of years and his absence from the regularly scheduled conference call to discuss quarterly financial results this week ... Read more »

Epic Games opposes Apple's effort to pause antitrust trial orders

Smartphone with Epic Games logo is seen in front of Apple logo in this illustration taken, May 2, 2021. REUTERS/Dado Ruvic/Illustration/File Photo Oct 22 (Reuters) – “Fortnite” creator Epic Games ... Read more »

WhatsApp will stop running on these old phones from Apple, Samsung and others

Come November 1 and WhatsApp will reportedly stop running on a number of older-generation smartphones from Apple, Samsung and others. Facebook-owned WhatsApp has confirmed that it will stop supporting Android ... Read more »

TikTok Video of a Woman Tackles Amazon Alexa's Ability to Collect User's Recordings

Amazon’s Alexa is capable of keeping all your audio recordings, according to a viral TikTok video uploaded by a woman. Upon requesting all the possible data from her smart home ... Read more »

Video Game Emulators: Is It Worth Using Them, Or Should You Just Buy An Old Console?

Video game emulators are a long-running moot point among gamers. Many say they’re good because they help preserve old games. Others say they’re bad because they might be illegal. But ... Read more »

China’s EV battery manufacturers race to develop new technologies that are less reliant on pricey metals

This second instalment of a three-part series on China’s electric car batteries looks at the technology behind the alternative power source. On the evening of January 9, William Li, chief ... Read more »

Victorians warned of ‘thunderstorm asthma’ risk as massive storms approach east coast

Victorians have been warned of thunderstorm asthma conditions as a high pollen count potentially combines with isolated storm cells in the state’s north east. The Victorian Department of Health on ... Read more »

Online Gamers Beware: Hacker’s Microsoft-Signed Rootkit Malware Steals In-Game Purchases, Data

Online gamers are the target of hackers’ Microsoft-signed rootkit malware, which steals in-game purchases and other kinds of data. (Photo : by GERARD JULIEN/AFP via Getty Images) The logo of ... Read more »

Facebook Has a New Whistleblower that has the Same Allegations as Frances Haugen [REPORT]

Facebook has a new whistleblower that remains unknown to the public but claims the same allegations by Frances Haugen, saying that the company compromises safety for profit. It remains a ... Read more »

New Relic CodeStream plugs observability directly into developer workflows in the IDE

New Relic has acquired CodeStream to bring observability directly into developer workflows in the IDE and help them build better software. Read more »

This Cryptocurrency Startup Will Give You FREE Crypto If You Let Them Scan Your Eyes

A cryptocurrency startup in Silicon Valley is making headlines for a rather generous proposition: they’ll give you free crypto if you let them scan your eyes.  (Photo : Getty Images ... Read more »