Apple devices are known for their secure ecosystem but the same cannot be said for its well-know Safari web browser. After Google’s recent finding of multiple bugs in Apple Safari, a security researcher has now disclosed new vulnerabilities in Apple’s browser. The vulnerabilities would have allowed anyone hijack microphones and webcams on iOS and macOS devices to snoop on users.
Thankfully, the flaws were fixed by Apple in January and March updates. If you also have an iPhone or a MacBook at home or in office, make sure the devices are updated with new security patches to avoid any unwanted intrusion.
The vulnerabilities were discovered by security researcher Ryan Pickren who submitted seven vulnerabilities to Apple’s bug bounty program in mid-December. Apple validated the bugs and patched the flaws in January and March updates. Earlier, a malicious link could have led an attacker hijack an Apple device remotely. Pickren mentioned that anyone aware of the loopholes could have built a kill chain to hijack the microphone and camera app on Apple iPhones and MacBooks.
The security researcher Ryan Pickren was rewarded $75,000 from Apple’s bug-bounty program for discovering the vulnerabilities. Notably, Apple opened its Bounty Bug program in December 2019 to all security researchers. The program offers rewards of $1 million or more to researchers who discover major flaws in its operating systems.
The bounty payments are determined by the level of access or execution achieved by the reported issue, modified by the quality of the report. The exact payment amounts are determined after review by Apple.
Apple mentions, “In order to be eligible for an Apple Security Bounty, the issue must occur on the latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS with a standard configuration and, where relevant, on the latest publicly available hardware.”
Having said that, if you have discovered any possible vulnerability in the aforementioned Apple’s devices or software products, you can submit a detailed description of the issue with enough details that would allow Apple to reproduce it. If the technology giant validates the flaws, you can also be rewarded under the bounty bug program.
Best Mobiles in India