Apple quietly fixes zero-day flaw in iOS 15.0.2, but didn’t credit its finder

Apple has quietly patched a zero-day vulnerability that could have given apps access to sensitive information in iOS 15.0.2, but reportedly did not credit the discoverer of the flaw.

Credit: Andrew O'Hara, AppleInsiderCredit: Andrew O’Hara, AppleInsider

The vulnerability was discovered by software developer Denis Tokarev seven months before the release of iOS 15.0.2. Back in September, Tokarev penned a blog post detailing some of his interactions with Apple’s Bug Bounty Program, including the fact that he went uncredited on another fixed flaw.

Read more…