On August 30, Google's Project Zero team revealed that it had discovered several websites that had been installing malware on visitor iPhones in the last two years.
According to the team of researchers, the devices were infected by visiting malicious web pages related to the Uighur community, putting private information such as contacts, photos and other user data at risk.
The news was received with great consternation in the community, leaving users worried about their privacy and the protection of their data.
Today, one week after the publication of Google, Apple has issued a statement about the claims of the Google team. The Californian company has made two important clarifications and corrections regarding the scale and severity of the problem.
To get started, Apple clarify that the message from Google arrives six months after the patches that fix the vulnerability were released. The firm believes that the Google publication created unjustified fears and generated the false impression that a massive data breach had occurred.
Similarly, Cupertino's signature makes it clear that The scope of the attack was not as wide as Google led to believe, since it only affected a very specific community set:
… the sophisticated attack focused on a very specific objective, not a broad exploitation of the "mass" iPhones, as described. The attack affected less than a dozen websites that focus on content related to the Uighur community.
Secondly, Apple correct the "two years" figure, saying that the attacks were only effective for a period of approximately two months, not two years.
Apple as well downplay the role of Google in solving the problem. Although Google claims that it gave Apple a «7 day term» to solve the vulnerability, Apple He says he had been working on fixing the problem since before Google approached.
The company added that «IOS security is unmatched because we assume full responsibility for the security of our hardware and software», which guarantees iPhone owners that privacy and data security are of utmost importance to Apple, regardless of the magnitude of any vulnerability.