While this is obviously good news, some in the security research community aren’t so thrilled by it. They feel that Apple failed to credit the discovery of the flaw to researcher Jose Rodriguez, who had detailed the vulnerability back in September.
Apple fixed a publicly known Lock Screen Bypass 0-day but failed to acknowledge it https://t.co/ZHkU5GEqOj pic.twitter.com/vNPgzjL8Gv
— Denis Tokarev (@illusionofcha0s) October 1, 2021
Rodriguez had publicly disclosed the vulnerability by publishing a proof of concept on his YouTube channel showing how the vulnerability worked. According to the researcher, he did not inform Apple ahead of time in the hope that this would shed light on the problems with Apple’s Bug Bounty program.
This is not the first time that Apple has been found to have patched security flaws in its software without crediting the researchers who found them. However, it has been suggested that Apple has hired a new team to lead the Bug Bounty program in hopes of reforming it, so hopefully this won’t be an issue in the future.