A security specialist found seven vulnerabilities in Safari and received $ 75,000 from Apple.

Apple paid $ 75K to cybersecurity specialist Ryan Pickren for reporting vulnerabilities in Safari. The specialist tested the new macOS release for durability and stumbled upon “zero-day vulnerabilities” – gaps that the company did not know about at the time of the release of its product.

In total, Picren discovered seven bugs, of which three allowed access to the camera of a user’s smartphone or laptop – it was enough to bring a person to a malicious site. “A bug like this shows why people should never fully rely on the protection of their cameras, ” said the specialist.

Pikren announced his findings in the Bug Bounty Program, an initiative whereby Apple pays money to people who find vulnerabilities in its products. In gratitude, Picren was paid $ 75 thousand. The bugs described by him have already been fixed: some were fixed in the update on January 28 (Safari 13.0.5), and the remaining ones were fixed on March 24 (Safari 13.1).


We will be happy to hear your thoughts

Leave a reply