So are we going to take this twitter post at face value? Anyone have more info?

lapcat · 2024-05-14T13:23:07

Yes, it's literally the first item in the iOS 17.5 security release notes: https://support.apple.com/HT214101

citizen_friend · 2024-05-14T13:54:54

Yep, that was in the tweet. Got any more info about the exploit or why it’s not in their categories?

I presume some in the list did received bounties?

lapcat · 2024-05-14T14:14:18

Here are the categories: https://security.apple.com/bounty/categories/

I'm not really sure what else you're asking for. Nobody in the world except Apple Product Security itself knows why Apple Product Security is refusing to pay a bounty in this case. It makes no sense.

citizen_friend · 2024-05-14T19:09:28

Well. He knows more about the exploit. Maybe he could tell us what it is.

lapcat · 2024-05-14T20:37:20

He did: https://twitter.com/R00tkitSMM/status/1790391961737711697

Satisfied now?

citizen_friend · 2024-05-16T02:31:18

Updated from his twitter: apple apparently confirmed i am right and that it’s not exploitable in real user software. Still outraged?

hnfong · 2024-05-16T06:00:21

I literally saved the link to this story in my "look again in a couple days" folder, and lo and behold, the story makes sense again.

citizen_friend · 2024-05-15T01:28:21

Yep. It explains why he didn’t get paid.