Annoyed by Apple's slow response, a researcher has publicly disclosed three iOS zero-day bugs with serious impact. Apple has recently confirmed that it is investigating the bugs in detail, but it seems the patches may not arrive anytime soon.
A disgruntled researcher, Denis Tokarev, found three zero-day bugs affecting iOS devices. Tokarev, mainly a software developer, discovered the vulnerabilities earlier this year.
Explaining the bugs in a blog post, the researcher stated that the following issues affect even the latest iOS 15.
XPC endpoint  accepts user-supplied parameter sdk-version, and if its value is less than or equal to 524288, com.apple.developer.networking.wifi-info entitlement check is skipped.
According to Tokarev, alongside these three bugs he also found another vulnerability that Apple quietly patched without acknowledgment. The researcher noticed that the issue received a fix in iOS 14.7.
Apple promised to mention the patched vulnerability in subsequent security advisories and to fix the unpatched flaws, but did neither.
Hence, the disappointed researcher decided to disclose his findings publicly.
Nonetheless, 24 hours after the publication surfaced online, Apple again promised a fix. As per its statement,
We saw your blog post regarding this issue and your other reports. We apologize for the delay in responding to you. We want to let you know that we are still investigating these issues and how we can address them to protect customers. Thank you again for taking the time to report these issues to us, we appreciate your assistance. Please let us know if you have any questions.
Setting aside Apple's vague handling of this matter, what matters most is for users to remain cautious. As the bugs haven't received any fixes yet (nor do fixes seem likely anytime soon), users must be very careful about which apps they install and use, to avoid giving unnecessary detail to any unwanted app.
