apple, apple inc, iphone, ipad, ipod touch, ipod nano, apple tv, ipod shuffle, iphone 6, iphone 6s, ios 9, ios9, itunes, i mac, mac os x, mac osx, apple computer, apple computer inc., mac os x, imac, ibook, mac pro, macbook pro, magic pad, magic mouse, ipod classic, app store, itunes store, ibook store, mac book, microsoft, adobe, research in motion, rim, nokia, samsung, google, nvidia, intel

A security researcher claims that Apple snubbed them on a zero-day flaw they reported, and that the company has yet to fix three other zero-day vulnerabilities that are now present in iOS 15.

In a blog post on Friday, security researcher illusionofchaos wrote about their "frustrating experiencing participating in the Apple Security Bounty program." The program is meant to offer payments to independent researchers for finding flaws in Apple's systems.

The researcher says they submitted four zero-day vulnerabilities to Apple between March 10 and May 4. One of those vulnerabilities was patched in iOS 14.7, but the researcher said Apple "decided to cover it up and not list it on the security content page."

"When I confronted them, they apologized, assured me it happened due to a processing issue and promised to list it on the security content page of the next update," illusionofchaos wrote. "There were three releases since then and they broke their promise each time."

Additionally, three of the other security flaws are still present in the released version of iOS 15. The researcher said Apple has ignored disclosure of the iOS flaws.

"Ten days ago I asked for an explanation and warned then that I would make my research public if I don't receive an explanation," illusionofchaos said. "My request was ignored so I'm doing what I said I would. My actions are in accordance with responsible disclosure guidelines."

The three vulnerabilities include a flaw that allows apps downloaded from the iOS App Store to read data like Apple ID credentials and information about a user's contacts. Another flaw allows any app to check whether any other app is installed on a device, while the third allows apps with location services permissions to gain access to Wi-Fi information.

This is not the first time a security researcher has voiced concerns about Apple's Security Bounty program. Earlier in September, a report collected a slew of complaints about the initiative, including researchers calling out poor communication, payment confusion, and other issues.

Apple first overhauled its bounty program in 2019, opening it to any security researcher and increasing payouts. Since then, Apple has called the program a "runaway success."

The same report collecting researcher complaints also indicated that Apple has hired a new executive to oversee and reform its bug bounty program.

Internet Explorer Channel Network


LATEST NEWS

NEWS RELATED

Apple's new $19 Polishing Cloth is already sold out

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Demand for Apple’s new Polishing Cloth — a $19 piece of white fabric — is through the roof, with delivery estimates…

Read more: Apple's new $19 Polishing Cloth is already sold out

Compared: Google Pixel 6 Pro versus Apple iPhone 13 Pro Max

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Google has launched a new lineup of high-end Pixel devices equipped with chips of its own design. Here’s how the highest…

Read more: Compared: Google Pixel 6 Pro versus Apple iPhone 13 Pro Max

Apple TV+ anthology 'Extrapolations' adds Meryl Streep, Matthew Rhys

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple TV+ added several new additions to the cast of “Extrapolations,” including big names like Meryl Streep and Matthew Rhys. The…

Read more: Apple TV+ anthology 'Extrapolations' adds Meryl Streep, Matthew Rhys

How to move data to a new MacBook Pro

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple has a Migration Assistant app to help you move your data to a new MacBook Pro, except it isn’t always…

Read more: How to move data to a new MacBook Pro

Google launches Pixel 6, Pixel 6 Pro with Tensor processor

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Google has launched its Pixel 6 and Pixel 6 Pro smartphones, complete with its self-designed “Tensor” chip and a 50-megapixel Octa…

Read more: Google launches Pixel 6, Pixel 6 Pro with Tensor processor

'Lego Star Wars: Castaways' coming to Apple Arcade in November

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple has announced that a new Lego Star Wars action-adventure title, titled “Castaways,” is coming to its Apple Arcade gaming service.…

Read more: 'Lego Star Wars: Castaways' coming to Apple Arcade in November

Compared: Third-generation AirPods vs second-generation AirPods

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple has launched the latest update to the AirPods line, with the third-generation model offering Spatial Audio support alongside design refinements.…

Read more: Compared: Third-generation AirPods vs second-generation AirPods

Apple Watch Series 7 review: Bigger than you think

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Despite lacking new health features or performance improvements, the larger display on Apple Watch Series 7 makes it a compelling upgrade…

Read more: Apple Watch Series 7 review: Bigger than you think

Intel under fire: What Wall Street thinks about Apple's new MacBook Pro

All the features missing from iOS 15, iPadOS 15, macOS Monterey at launch

Best Deals Oct. 19: $9 off Apple MagSafe Wallet, up to 50% off refurbished tech, and more!

Supply constraints could lead to slightly lower iPhone holiday revenue

Target to double stores with Apple 'shop in shop' by Christmas

Apple's new 16-inch MacBook Pro charger uses GaN to stay small

Deals: Save up to $200 on 13-inch MacBook Pros with 16GB RAM

All the Apple sounds & hardware used in the 'Start Up' song

OTHER NEWS