Apple Pushes Back Against Zero-Day Exploit Claims
upstart writes in with an IRC submission for Bytram:
Apple Pushes Back Against Zero-Day Exploit Claims:
Company said there is no evidence that iOS bugs revealed by ZecOps earlier this week were ever used against customers.
Apple has pushed back against claims that two zero-day bugs in its iPhone iOS have been exploited for years, saying it's found no evidence to support such activity.
Apple officials made the statement in response to a widely disseminated report published Wednesday by ZecOps, which claimed that two Apple iOS zero-day security vulnerabilities affecting its Mail app on iPhones and iPads already had been exploited in the wild since 2018 by an "advanced threat operator."
"Both vulnerabilities exist at least since iOS 6 - (issue date: September 2012) - when iPhone 5 was released," ZecOps said in its report.
However, Apple said in a statement to Bloomberg's Apple correspondent Mark Gurman that he posted on Twitter that this is just not true."We have thoroughly investigated the researcher's report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users," the company said in the statement.
Also at www.securityweek.com
Previously: A Critical iPhone and IPad Bug That Lurked for Eight Years May be Under Active Attack
Read more of this story at SoylentNews.