Apple has today issued a press release in response to recent claims by Google’s Project Zero security research team concerning security vulnerabilities in iOS, stating that Google deliberately created “the false impression of mass exploitation,” even though “this was never the case.”
Apple notes that the flaws highlighted by Google were never “broad-based” and instead affected fewer than a dozen websites focused on content related to the Uighur community. “We fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after we learned about it.”
While reiterating that the vulnerability was patched in iOS 12.1.4, Apple says that the website attacks were only operational “for a brief period,” whereas Google falsely claimed they ran for “two years.”:
“Security is a never-ending journey and our customers can be confident we are working for them. iOS security is unmatched because we take end-to-end responsibility for the security of our hardware and software. Our product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities as soon as they’re found. We will never stop our tireless work to keep our users safe.”
You can read the full statement from Apple at this link.
