Menu
Apple issues statement in response to Google security vulnerabilities report

Apple issues statement in response to Google security vulnerabilities report

Google’s report created a false impression among users that their devices were compromised, Apple says

Credit: Dreamstime

Last week, Google’s Project Zero security research team posted information about a serious vulnerability in iOS.

The security exploit (or group of exploits, really) allowed a “small collection of hacked websites” that would, when visited, install code to monitor certain activity on the iPhone.

The security holes were patch in iOS 12.1.4 on February 7, 2019, and there were even news reports right after the patch about the security holes that were closed. The sites that exploited the vulnerabilities were targeting an ethnic minority in China—the Uighur—and also sought to exploit holes in Android and Windows.

Apple has taken umbrage with the recent report, calling it out not for its technical inaccuracy, but for misrepresenting the scope and scale of the security flaw and the way it was exploited.

In a statement issued on September 6, the company said, “We’ve heard from customers who were concerned by some of the claims, and we want to make sure all of our customers have the facts.”

Apple goes on to detail two ways in which it feels the report was misleading. First, the report says it will, “share these insights into the real-world workings of a campaign exploiting iPhones en masse.”

Apple says the attacks were anything but “en masse” and only represented a few dozen websites targeting the Uighur minority community in China. Apple says this misrepresentation caused the hundreds of millions of iPhone users around the world to feel that they were compromised, when that was never true.

“Regardless of the scale of the attack, we take the safety and security of all users extremely seriously,” Apple concluded.

Second, the websites were operational for only about two months, while the report gives the impression that iPhones were being hacked for two years. While the vulnerability may have been present in iOS for two years, it was only found and exploited among this narrow community for a short period.

Apple claims that it fixed the exploits within 10 days of learning about them, and that, “When Google approached us, we were already in the process of fixing the exploited bugs.”

The short statement concludes by reassuring users that Apple takes security extremely seriously:

Security is a never-ending journey and our customers can be confident we are working for them. iOS security is unmatched because we take end-to-end responsibility for the security of our hardware and software. Our product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities as soon as they’re found. We will never stop our tireless work to keep our users safe.

Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags GoogleApple

Featured

Slideshows

Reseller News Platinum Club celebrates leading partners in 2019

Reseller News Platinum Club celebrates leading partners in 2019

The leading players of the New Zealand channel came together to celebrate a year of achievement at the annual Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months.

Reseller News Platinum Club celebrates leading partners in 2019
Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosted its second annual alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers. Photos by Gino Demeer.

Reseller News hosts alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Show Comments