yesterday we revealed on here what to Apple made available the iOS 15.0.1, the one that is the first update o iOS 15, which was released roughly two weeks ago. We already knew that iOS 15.0.1 had fixed the bug that prevented owners of the iPhone 13 to use Apple Watch to unlock your devices. And while the changelog public suggested that this was the only thing fixed, it was now discovered that Apple also fixed a vulnerability that would allow users to bypass the lock screen.
This is obviously great news, but it seems that some users in the security research community aren’t all that thrilled about it. That’s because they think Apple failed to credit researcher Jose Rodriguez, who actually detailed the vulnerability in September, for discovering the flaw.
Apple fixed a publicly known Lock Screen Bypass 0-day but failed to acknowledge it https://t.co/ZHkU5GEqOj pic.twitter.com/vNPgzjL8Gv
— Denis Tokarev (@illusionofcha0s) October 1, 2021
Apple plugs major vulnerability with iOS 15.0.1 but doesn’t give credit to those who discovered it
Rodriguez had publicly disclosed the vulnerability by posting a proof of concept on his YouTube channel showing how the vulnerability worked. According to the researcher, the reason for not informing Apple in advance was in hopes of shed light on problems with Apple’s Bug Bounty program.
This isn’t the first time Apple has fixed security holes in its software without giving credit to the researchers who found it. However, it has been suggested that Apple has hired a new team to lead the Bug Bounty program in hopes of revamping it, so hopefully this won’t be an issue in the future.
Founder of Noticias e Tecnologia, and this is his second online project, after several years connected to a portal focused on the Android system, where he was also one of its founders.
IT professional, and passionate about new technologies, motorsports and mountain biking.
—-
–