Apple is accusing Google of “stoking fear” among iPhone users, claiming that Google’s recent report about iOS security flaws contains inaccuracies and comes after Apple had already released patches to fix the problems.
Google’s report, which was published in August, details a series of websites that used iOS security flaws to attack any iPhone that visited them. Researchers at Google claimed that the malicious websites were hacking iPhones for at least two years.
“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week,” wrote Ian Beer of Google’s Project Zero.
Apple said in a statement released Friday that Google’s report features inaccuracies and that the attack affected fewer than a dozen websites focusing on content related to the Uighur community.
“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised,” said Apple in the statement.
“This was never the case.”
Apple said the website attacks were only operational for a brief period, “roughly two months, not ‘two years’ as Google implies.”
The Silicon Valley giant said it fixed the vulnerabilities in question in February, ten days after learning about it: “When Google approached us, we were already in the process of fixing the exploited bugs.”
Apple added: “Regardless of the scale of the attack, we take the safety and security of all users extremely seriously.”