Apple quietly patches a zero-day vulnerability in iOS 15.0.2 that could have allowed attackers to gain access to sensitive information. According to the experts, the flaw was reported by software developer Denis Tokarev, but Apple did not credit him.
Apple silently fixed a zero-day vulnerability with the release of iOS 15.0.2 on Monday but did not credit the bug reporter.
The company addressed the bug without acknowledging or crediting software developer Denis Tokarev for the discovery even though he reported the flaw seven months before iOS 15.0.2 was released.
After the iOS 15.0.2 version release, Tokarev contacted Apple requesting it to credit him for the discovery of the issue as agreed in the past email exchange. Still, the company only asked him not to disclose the conversation.
In July, Apple also silently patched a zero-day vulnerability with the release of 14.7 without crediting Tokarev in the security advisory, instead promising to acknowledge his report in security advisories for an upcoming update.
Since then, Apple published multiple security advisories (iOS 14.7.1,
Read the article