Apple says 'many' exploits revealed in CIA leak already patched in latest iOS versionApple late Tuesday issued a response to the WikiLeaks CIA data dump, saying "many" of the supposed iOS exploits have already been addressed in the most recent version of its flagship mobile operating system.
In a statement issued to news outlets, and subsequently posted to Twitter by BuzzFeed's John Paczkowski, Apple says the latest public version of iOS, released in January, contains patches for critical flaws outlined in today's WikiLeaks dump.
Further, the company is working on fixes for newly discovered vulnerabilities. As can be expected, Apple did not reveal which exploits have yet to be patched.
Apple is deeply committed to safeguarding our customers' privacy and security. The technology built into today's iPhone represents the best data security available to consumers, and we're constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates.
Earlier today, WikiLeaks published a trove of documents allegedly originating from the CIA's Center for Cyber Intelligence. Among the various cyber intrusion techniques outlined in the so-called "Vault 7" release are 14 iOS exploits that range from basic surveillance to remote device command and control.
The documents suggest the CCI developed certain spy tools in-house while hoarding other assets purchased on the open market or gathered through interagency sharing with the FBI, NSA and UK's GCHQ. Along with the iOS-specific exploits, the CIA documents reveal code for infiltrating Android devices and Samsung smart TVs.
Wikileaks alleges nearly all of the CIA's hacking tools were stolen, which is how the group obtained the documents published today. Technical details and computer code were left unpublished to protect against wide dissemination, WikiLeaks said. The group might choose to release some or all of the CIA's hacking arsenal at a later date.