As reported earlier, Apple seemed to ignore reports on zero-day vulnerabilities in iOS. Now story continues with report from Denis Tokarev. Apple contacted him and apologized for the delays in response.

“We saw your blog post regarding this issue and your other reports. We apologize for the delay in responding to you,” an Apple employee wrote. “We want to let you know that we are still investigating these issues and how we can address them to protect customers. Thank you again for taking the time to report these issues to us, we appreciate your assistance. Please let us know if you have any questions.”

Motherboard

According to the response, Apple is still in process of identifying the issues, so no expected fix dates are provided.

Motherboard: Apple ‘Still Investigating’ Unpatched and Public iPhone Vulnerabilities

Reference: Apple Apologizes to Researcher for Ignoring iOS Vulnerabilities, Says It’s ‘Still Investigating’

Recommendations

Developer:

Beware of zero-day vulnerabilities. Monitor devices for suspicious activity.

QA engineer:

Beware of zero-day vulnerabilities. Monitor devices for suspicious activity.

PM/DM:

Beware of zero-day vulnerabilities. Monitor devices for suspicious activity.

Leave a comment