Apple says it has fixed 'many of the issues' exposed in WikiLeak's CIA hacking data dump
Yesterday WikiLeaks unleashed Vault 7 online, revealing a wealth of information about the CIA's hacking tools and techniques. Included in the data dump was the suggestion that the CIA was actively exploiting vulnerabilities in iOS and other software to listen in on people. Apple has responded by saying that "many" of these security holes have been fixed.
Importantly, the company is unable to say that all of the vulnerabilities being used -- or that have been historically used -- by the CIA have been addressed, but it does insist that it "will continue work to rapidly address" problems that are found. A number of iOS security flaws have been exploited by the CIA to surveil individuals, or even take remote control of devices.
Apple is just one of the companies mentioned in the Vault 7 leak, and many have scrambled to reassure their customers that things are in hand. With the widely-held view that Apple's software is near impenetrable, the iPhone manufacturer is understandably keen to do what it can to maintain this reputation.
In a statement Apple said:
Apple is deeply committed to safeguarding our customers' privacy and security. The technology built into today's iPhone represents the best data security available to consumers, and we're constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates.
Of course, Apple does not go as far as saying which of the vulnerabilities it has addressed. What this means is that at least a proportion of the 14 exploits revealed by WikiLeaks are still vulnerable to attack.