Apple Leaves Users Vulnerable By Not Fixing iOS and OS X Security Issues Simultaneously
Notable computer security researcher Kristin Paget, who worked on Apple's security team before leaving for Tesla in early 2014, has taken to her blog (via Ars Technica) to criticize Apple for fixing more than a dozen security flaws in iOS weeks after patching them in OS X.
iOS 7.1.1, released yesterday, patched multiple WebKit vulnerabilities that were initially fixed in OS X with the release of Safari 7.0.3 on April 1. The delay between fixes, says Paget, alerted hackers to serious flaws potentially exploitable on Apple's mobile operating system and then gave hackers ample time to exploit the vulnerabilities.
Is this how you do business? Drop a patch for one product that quite literally lists out, in order, the security vulnerabilities in your platform, and then fail to patch those weaknesses on your other range of products for weeks afterwards? You really don't see anything wrong with this?
Someone tell me I'm not crazy here. Apple preaches the virtues of having the same kernel (and a bunch of other operating system goop) shared between two platforms – but then only patches those platforms one at a time, leaving the entire userbase of the other platform exposed to known security vulnerabilities for weeks at a time?
Addressing Apple, Paget goes on to write that Apple needs to sit in front of a chalkboard and write out "I will not use iOS to drop 0day on OSX, nor use OSX to drop 0day on iOS."
In addition to the WebKit vulnerabilities that were patched out of sync, Apple also recently exposed a major OS X flaw when patching the same flaw in iOS. Back in February, with the release of iOS 7.0.6, a major SSL connection verification vulnerability came to light. Known as the "goto fail" bug, it left iOS and OS X users vulnerable to man-in-the-middle attacks where hackers could pose as a trusted website to intercept communications or acquire sensitive information.
Apple launched iOS 7.0.6 on a Friday, fixing the vulnerability on iOS but leaving OS X users vulnerable to attack until the following Tuesday, when it released OS X 10.9.2 to patch the security flaw.
Popular Stories
The upcoming iOS 26.1 update includes a small but helpful change for iPhones, and it could prevent you from running late to something important.
Specifically, when an alarm goes off in the Clock app, there is a new "slide to stop" control on the screen for turning off the alarm. On previous iOS 26 versions, there is simply a large "stop" button, which could be accidentally tapped.
The new ...
Apple is planning to launch at least 15 new products in 2026, according to Bloomberg's Mark Gurman.
Gurman outlined what to expect from Apple in 2026 in the latest edition of his "Power On" newsletter. He said the company is heading "into one of its most pivotal years in recent memory," with the rollout of major new Apple Intelligence features, intense regulatory pressure on the App Store,...
Apple has just given a strong indication that it will not be releasing any additional new Macs for the remainder of the year.
Apple's CFO Kevan Parekh dropped the hint during the company's earnings call on Thursday:On Mac, keep in mind, we expect to face a very difficult compare against the M4 MacBook Pro, Mac mini, and iMac launches in the year-ago quarter.Parekh essentially gave a heads up ...
In his "Power On" newsletter, Bloomberg's Mark Gurman today provided an update on the status of Apple Intelligence and the plans for it in 2026.
Apple is still planning to roll out its revamped version of Siri around March of next year. The release should be accompanied by the release of a new smart home display product with speaker-base and wall-mount options. A new Apple TV and HomePod...
Apple is expected to launch a new foldable iPhone next year, based on multiple rumors and credible sources. The long-awaited device has been rumored for years now, but signs increasingly suggest that 2026 could indeed be the year that Apple releases its first foldable device.
Below, we've collated an updated set of key details that have been leaked about Apple's foldable iPhone so far.
Ove...
A new Apple TV and HomePod mini could launch as soon as this month, Bloomberg's Mark Gurman today suggested.
In today's "Power On" newsletter, Gurman said that Apple retail stores are planning an overnight refresh on the evening of November 11, where changes will be made after closing, such as refreshing displays and placing new products for the following day.
The timing of the overnight...
Apple's iPhone 18 Pro models could be available in new rich and warm color option, according to a known leaker.
The Weibo user known as "Instant Digital" today suggested that next-year's iPhone 18 Pro models will be available in at least one of the following color options: Coffee, purple, and burgundy.
The iPhone XR, iPhone 11, iPhone 12, iPhone 14, and iPhone 14 Pro were all available in ...
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max.
One thing worth...
Apple is about to drop iOS 26.1, the first major point release since iOS 26 was rolled out in September, and there are at least six notable changes and improvements to look forward to. We've rounded them up below.
Apple has already provided developers and public beta testers with the release candidate version of iOS 26.1, which means Apple will likely roll out the update to all compatible...
