in News2021

Apple fixes vulnerabilities in iOS 15, but no mention of discoverers

2k Views

ios15

 
Apple has fixed a serious vulnerability in the recently released iOS 15.0.2. However, the person complains that the name of the discoverer is not mentioned in the release notes.

Apple reports four vulnerabilities but ignores them

Security researcher Dennis Tokarev (commonly known as illusionofchaos) discovered four vulnerabilities in iOS 14 and reported them to Apple, but only one of them was fixed in iOS 14.7 released in July 2021. So, iOS 15 was released with three left unattended.
 
Tokarev repeatedly asked Apple about the matter, but didn’t get a response, so in September he decided to publish the vulnerability he found on his blog.
 
It seems that Apple responded to him as “under investigation”, probably because several media took up Mr. Tokarev’s blog and became a hot topic.

No mention of Mr. Tokarev

And on October 13, local time, Tokarev tweeted, “Apple secretly fixed the vulnerability in iOS 15.0.2, but didn’t announce that I was the discoverer.” According to Tokarev, the remaining two vulnerabilities he discovered have not yet been fixed.
 
Indignant Tokarev has published a portion of his email with Apple.
 

 
Tokarev was angry when he had repeatedly reported zero-day vulnerabilities for quite some time, but Apple continued to ignore them, and thought he had finally fixed them (reported 4). (Corrected 2 of the cases) There is no mention (no credit) of the discoverer, Mr. Tokarev.
 
Apple has described the fix in iOS 15.0.2 as an “anonymous researcher,” and even if Tokarev complains that he is the discoverer, there is still no response.

 
 
Source: 9to5Mac
(lunatic)


Source: iPhone Mania

Share this: