Apple Developer Center Outage Fixed ‘Remote Code Execution’ Flaw

Juli Clover, MacRumors:

While security researcher Ibrahim Balic speculated that he might have been behind the security breach, it is now clear that the issue he reported was unrelated to the major flaw that caused the downtime. Apple credits Ibrahim with reporting a separate iAd Workbench vulnerability on July 22. The vulnerability allowed Balic to obtain both names and Apple IDs of users.

It was a separate “remote code execution” vulnerability that prompted Apple to take the whole thing down.

Tuesday, 20 August 2013