Notebookcheck Logo
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

Apple's iOS 15 update supposedly includes several zero-day exploits despite security expert's warning

According to a security researcher, Apple's iOS 15 includes several critical security flaws (Image: Apple)
According to a security researcher, Apple's iOS 15 includes several critical security flaws (Image: Apple)
Although a security researcher apparently notified the iPhone maker of several security issues, Apple has recently released its iOS 15 update without fixing these vulnerabilities, which is why the anonymous tipster is now publicly criticizing the company.

Earlier this week, Apple released a major update for its mobile operating system iOS, which has now reached version number 15. Among numerous exciting changes and features, not all of which have made it to older iDevices, the update purportedly also includes several significant security flaws that could compromise user data on iPhones and iPads. The source of these allegations is an anonymous security researcher who participates in Apple's security bounty program which pays up to US$1 million for the discovery of previously unknown vulnerabilities in Apple's software.

According to MacRumors, the anonymous security expert reported four security flaws in iOS in the time period between March and May of 2021. Apparently only one of these exploits has been fixed with the iOS 14.7 update, but the tipster supposedly did not receive any kind of feedback or even compensation from Apple for his discovery. Even more troublesome is the allegation that three of these security vulnerabilities are still included in Apple's most recent iOS 15 update.

One of these exploits appears to be related to Apple's Game Center, in which the security researcher has found an exploit that allows any installed app to access user data on the device, which in fact sounds like a critical loophole. However, it remains unclear whether these allegations are justified, or if the disgruntled researcher is looking for a way to discredit Apple after not receiving the expected payout for his participation in the bounty program. The Cupertino-based iPhone maker usually has a very commendable approach regarding the issuance of security updates, like the recent release of iOS 12.5.5 for older devices like the iPhone 6 Plus (from US$181 on Amazon) illustrates.

Source(s)

MacRumors, Image: Apple

static version load dynamic
Loading Comments
Comment on this article
Enrico Frahn
Editor of the original article: Enrico Frahn - Tech Writer - 952 articles published on Notebookcheck since 2021
My fascination for technology goes back a long way to the Pentium II era. Modding, overclocking and treasuring computer hardware has since become an integral part of my life. As a student, I further developed a keen interest in mobile technologies that can make the stressful college life so much easier. After I fell in love with the creation of digital content while working in a marketing position, I now scour the web to bring you the most exciting topics in the world of tech. Outside the office, I’m particularly passionate about motorsports and mountain biking.
contact me via: LinkedIn
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2021 09 > Apple's iOS 15 update supposedly includes several zero-day exploits despite security expert's warning
Enrico Frahn, 2021-09-25 (Update: 2021-09-25)