US government tells Apple it has security problems that Apple fixed last year

FBI gets the 'don't hoard vulnerabilities' memo at last

Two years after the White House decided disclosure was better than bug-hoarding, the FBI has handed over its first notification to Apple.

News of the bug report was given to Reuters, which says notifications describing the iPhone and Mac problems landed in Cupertino on April 14.

The White House policy was articulated at the end of April 2014, after the emergence of the Heartbleed bug sparked speculation that the prominent, persistent, branded bug was an NSA production.

Apple told Reuters the advisory it received involved “older versions” of the iPhone and Mac (presumably, iOS and OS X), adding that the flaws the FBI disclosed to it were already fixed, nine months ago.

Here's how Reuters puts it: “the executive said the problem had been fixed by the company nine months ago, with the release of iOS9 for phones and Mac OS [X] El Capitan”.

The Register notes that “nine months ago” – that is, July 2015 – was the ship date for iOS 9 and El Capitan in beta.

The fix date cited by Apple is bound to get the security-savvy wondering which vulnerability the Feds might have thought they had to themselves.

The unnamed Apple executive said 80 per cent of iPhones are already on iOS 9, so it doesn't intend patching the flaws in older versions of its operating system. ®


Biting the hand that feeds IT © 1998–2017