Apple har betalat ut 100 000 till en buggletare som hittat en allvarlig bugg i funktionen att logga in med Apple.
Apple lanserade sin anonyma inloggningstjänst 2019 och nyligen hittades en allvarlig bugg i funktionen som gjorde att ett konot kunde ha tagits över av obehöriga.
Disclosed on Saturday by security-focused developer Bhavuk Jain, a zero-day vulnerability in Sign in with Apple had the potential to let an attacker gain access to, and fully take over, a user’s account on a third-party application. According to Jain, the bug would have enabled a change in control of the application’s user account, regardless of whether the user had a valid Apple ID or not.
0 kommentarer