When it comes for the security Apple and its services claim for the best but we know that there is nothing that is fully secured a group of researchers found more than 50 bugs in Apple services.
Nowadays the internet is too easy to access. Though what matters is online services where it is OTT platform or payments. Regardless what where name yo attach to them this is always vulnerable.
This maximum turns out to be true again as security researchers find over 50 bugs in Apple services. A team of five security researchers took apart code for various Apple services including iCloud and found more than 50 potential security threats.
Most of these were quite risky for the average consumer. Of these 11 were very critical and out of remaining 44, 29 are high severity and 13 are medium severity with only 2 being low severity.
This was part of a bug bounty program, and Apple ended up fixing 28 of these issues more or less immediately after paying out nearly $300,000 as part of the bounty that is associated with such programs in general.
The bugs found in the Apple services turned out to be very dangerous as it could allow the hackers to access the iCloud accounts of the consumers and could also be used for releasing malicious software.
Detailed Analysis of Bugs in Apple Services
In detailed blog post the researchers that includes Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes explained how an attacker could have accessed sensitive information and how can they be exploited.
In the wormable cross-site scripting vulnerability an attacker can retreive any type of information from the iCloud storage even photos and videos stored in the users iCloud account. Also a detailed report of SSRF that could allow an attacker to access Apple’s internal maven repository.
Within hours of reporting Apple quickly fixed all the vulnerability and informed the researchers about them and rewarded them a bounty of $288,500 as part of the Apple bug bounty program.
With all of that having been said and out of the way it is important to note that Apple solved most of these issues within a day and some of them got top priority which meant that they were resolved within a few hours.
Apple has done a good job of fixing these issues and problems do end up occurring with an operation that is this massive so perhaps the tech giant can be forgiven for this sort of thing all in all at the end of the day. Still, more precautions should be taken to stop such flaws from occurring in the first place.