In a move that may be related to the recent glut of leaked celebrity photos, Apple has patched a “Find My iPhone” exploit that was detailed shortly before the content pilfering took place. It isn’t yet known whether the two are related, but the timing has many suspicious.
A day before the celebrity photos leaked, code targeting an exploit with Find My iPhone was made available on GitHub. With the exploit, hackers could use a bruteforce attack to try to identify a user’s AppleID password without being locked out.
Speculation turned towards this vulnerability as a possible explanation for how a trove of celebrity photos (and some alleged videos) were acquired and posted online. Apple hasn’t stated whether this is the cause of the leak, but it has now patched the issue.
Anyone who attempts to exploit the vulnerability will now be locked out. Time will tell whether this was the cause of the leaked celebrity images, but the short time span between the vulnerability being made known, the leak taking place, and then the patch seem fairly damning.