apple, apple inc, iphone, ipad, ipod touch, ipod nano, apple tv, ipod shuffle, iphone 6, iphone 6s, ios 9, ios9, itunes, i mac, mac os x, mac osx, apple computer, apple computer inc., mac os x, imac, ibook, mac pro, macbook pro, magic pad, magic mouse, ipod classic, app store, itunes store, ibook store, mac book, microsoft, adobe, research in motion, rim, nokia, samsung, google, nvidia, intel

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Apple has quietly patched a zero-day vulnerability that could have given apps access to sensitive information in iOS 15.0.2, but reportedly did not credit the discoverer of the flaw.

The vulnerability was discovered by software developer Denis Tokarev seven months before the release of iOS 15.0.2. Back in September, Tokarev penned a blog post detailing some of his interactions with Apple's Bug Bounty Program, including the fact that he went uncredited on another fixed flaw.

According to Bleeping Computer, Tokarev reached out to Apple after the release of iOS 15.0.2 to inquire about the lack of credit. Apple replied by asking him to keep the contents of their email exchange confidential.

The flaw was an exploitable bug that could have given user-installed apps from the App Store unauthorized access to sensitive data that would normally be protected by sandboxing or Transparency, Consent, and Control protections. Apple says those flaws are worth up to a $100,000 bounty.

In total, Tokarev reported four vulnerabilities to Apple. The company fixed one of them in iOS 14.7 and the second in iOS 15.0.2. Two of the zero-day flaws are still present in the latest version of iOS 15. Apple said they were "still investigating" back in September.

This isn't the first time that a security researcher said they were snubbed by Apple's bug bounty program. Back in September, a report shed light on complaints of security researchers being ignored, going uncredited, or failing to receive payment.

Apple, for its part, characterizes the bug bounty program as a "runaway success." It noted that it works to correct any mistakes that it makes quickly.

Internet Explorer Channel Network


LATEST NEWS

NEWS RELATED

Early Black Friday deals hit Apple's 2021 14-inch and 16-inch MacBook Pro

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Early Black Friday deals on Apple’s brand-new 14-inch and 16-inch MacBook Pro are here, with over 180 configurations eligible for an…

Read more: Early Black Friday deals hit Apple's 2021 14-inch and 16-inch MacBook Pro

WhatsApp users can transfer chat histories from iPhone to Google Pixel, Android 12 devices

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Google on Tuesday cleared another barrier to switching mobile operating systems, announcing that iPhone users can easily migrate WhatsApp chat histories…

Read more: WhatsApp users can transfer chat histories from iPhone to Google Pixel, Android 12 devices

Apple's Craig Federighi to present keynote at Web Summit 2021 next week

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple SVP of Software Engineering Craig Federighi is scheduled to present a keynote presentation at this year’s Web Summit, which will…

Read more: Apple's Craig Federighi to present keynote at Web Summit 2021 next week

Next Apple Watch Activity Challenge honors Veterans Day

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple’s next Apple Watch Activity Challenge will celebrate Veterans Day, with users of the wearable able to earn a limited edition…

Read more: Next Apple Watch Activity Challenge honors Veterans Day

Twitter revenue largely unaffected by Apple privacy changes

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. As the social media sector bemoans Apple’s recently enacted iOS privacy protections, Twitter on Tuesday said the changes that require users…

Read more: Twitter revenue largely unaffected by Apple privacy changes

Hands on: Should you buy the Nike or standard aluminum Apple Watch Series 7

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. If you’re pondering a new Apple Watch Series 7 purchase and are torn between the Nike and standard aluminum versions, check…

Read more: Hands on: Should you buy the Nike or standard aluminum Apple Watch Series 7

16-inch MacBook Pro teardown reveals M1 Max, tweaked internals

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Teardowns of Apple’s new MacBook Pros have commenced, with one of the first showcasing the slightly tweaked internals of a 16-inch…

Read more: 16-inch MacBook Pro teardown reveals M1 Max, tweaked internals

Apple News adds local coverage for three more US cities

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple News users can now access local coverage in three additional U.S. cities, expanding the platform’s curated local news experience to…

Read more: Apple News adds local coverage for three more US cities

Compared: 16-inch MacBook Pro vs Lenovo Legion 5

Apple releases iOS 14.8.1, iPadOS 14.8.1 update with security fixes

Amazon slashes $250 off 512GB 13-inch MacBook Pro with M1

How to run Shortcuts on macOS Monterey

Apple spent $64.8 million on paid search ads in 2020, ranking 12th overall

No plans for third-party Apple Watch face store, Apple executives say

Apple's cleaning cloth is sold out through January — get this instead

Best Deals Oct. 26: $100 off SanDisk 4TB Portable SSD, 30% off UGreen USB-C Hub for MacBook Pro

OTHER NEWS