Apple accused Google of fearmongering, claiming a recent report about an iOS security flaw issued by the latter’s cybersecurity task force got several key details wrong.
In its report, Google’s Project Zero research team identified a vulnerability which it claimed allowed attackers to deploy malicious software on iPhones if users visited certain websites. It characterised the attacks as “indiscriminate,” adding evidence pointed to sustained hacking efforts over a period of two years.
But Apple countered, issuing a statement noting the attack affected “fewer than a dozen websites that focus on content related to the Uighur community” and was “narrowly focused, not a broad-based exploit of iPhones”.
It added the exploit was only active for a “brief period” of about two months rather the two years indicated by Google’s team.
Apple said these mistakes, coupled with Google’s decision to post about a flaw fixed long ago, stoked “fear among all iPhone users that their devices had been compromised”.
“This was never the case…We fixed the vulnerabilities in question in February, working extremely quickly to resolve the issue just ten days after we learned about it. When Google approached us, we were already in the process of fixing the exploited bugs.”
Google told The Verge, it stands by the report and will “continue to work with Apple and other leading companies to help keep people safe online”.Subscribe to our daily newsletter Back