FBI discloses iOS security flaw, but not the one used to crack the San Bernardino iPhone
Apple already knew about the vulnerability, which doesn't affect devices running iOS 9 and OS X El Capitan.
The FBI still won’t tell Apple how the third-party hackers it hired to crack the iPhone 5c used by the San Bernardino mass shooter managed to get into the device, but the agency has shared another security vulnerability with Cupertino. That’s real nice of them and all, but Apple had already fixed that particular flaw.
According to Reuters, the FBI told Apple about the security hole affecting iPhones and Macs on April 14. This was the first time the agency had shared information with Apple under the Vulnerability Equities Process, which was put in place by the White House in 2014.
But the vulnerability the FBI just disclosed is totally unrelated to the San Bernardino case and only affects older iPhones and Macs that aren’t running the latest versions of iOS and OS X, Apple told Reuters. The reason why the FBI can’t share the San Bernardino iPhone’s flaw is because the agency reportedly doesn’t know the methods that were used to crack that phone. But the FBI wants to prove that it does share information about vulnerabilities with tech companies so that those flaws can’t be exploited by bad actors.
Why this matters: This is yet another reason to stay on top of software updates—Apple doesn’t plan to patch the flaw disclosed by the FBI for older versions of iOS and OS X, so if you’re not running iOS 9 and OS X El Capitan, your iPhone and Mac are at risk. The percentage of people using the latest versions of Apple’s software—84 percent on iOS 9 according to Apple’s official numbers—indicates that few devices are vulnerable.