Apple Has Finally Posted Security Information Related To Their Recent Updates…. Here’s My $0.02 Worth…

Readers of this blog will know that I’ve been very critical of Apple and how they have handled some recent security issues. And if you’re thinking that I’m going to back away from being critical of Apple due to the fact that they released the security information related to the recent updates that they’ve released in the last week, well… Stay tuned.

Let’s start with that mail exploit that Germany said was critical and needed to be fixed, according to this it’s fixed:

It is also fixed in iOS 12.4.7. Which is good for users of that OS. Now there is that Messages bug, well it has been fixed based on this which fits the description of the issue:

However this doesn’t appear in the release notes for iOS 12.4.7. Which is curious. I will have to do some digging on that front.

My only thought as to why Apple had not released all the security information is that they haven’t released updates for earlier versions of macOS as well as macOS 10.15.5. Some of the issues if you read through the security info clearly traverse multiple Apple OSes because they are based on the same code base. So Apple may have wanted to keep what they fixed under wraps until users were able to install all the updates.

You can go through the rest of the security info as it is a very interesting read as Apple has really killed a lot of security issues. Which is good as iOS security is kind of bad at the moment. Though they need to kill one more thing that enables jailbreaking. Expect that to appear at any time as Apple has tended to take a dim view of anything related to jaibreaking. Which is another way of saying that Apple wants to maintain control.

So, did I thrash Apple? No not really. But as far as I am concerned, they don’t get a pass on this. I think Apple could have done a much better job of communicating this information in a more timely manner. That would allow people, especially enterprise customers make informed decisions about whether to install these updates. Which to be clear that they should because of what is fixed. But it’s a whole lot easier to make that call if you have all the information at hand. Which in this case Apple didn’t do in a timely manner. And that is a #Fail.

Leave a Reply

%d bloggers like this: