Still, that doesn't mean Apple is completely in the clear. The vulnerabilities exploited by Wirelurker will be around for much longer, and could pose a serious threat to Apple's otherwise spotless record. Now that the platform has had its first real virus scare, there's reason to think it won't be the last. "From a broad perspective, the ecosystem is still in pretty good shape," says Ryan Olson, an intelligence director at Palo Alto Networks, "but this is the first door we've seen opening into the iOS world."
The iPhone's biggest protection against viruses is the App Store. If a piece of software isn't signed as approved by Apple, it can't run on an iPhone, which is enough to stop most viruses in their tracks. (Jailbreaking erases these protections, which is why jailbroken phones are more exposed.) But Wirelurker exploited an exception to that rule, built in to allow businesses to install their own software without going through the exhaustive App Store approval process. It's called "enterprise provisioning," and it's basically an official ID that lets third-party apps onto iOS devices.
It's not a loophole that many had thought about, and it could be a tricky one to close. Businesses buy a lot of iPhones for internal use, and allowing businesses to develop custom software has opened up a vast and lucrative market for Apple. But that success also makes it unlikely that Apple will be able to close the enterprise loophole entirely. To do so would mean endangering tens of millions of dollars in business over what can still be viewed as a fairly minor bug.
There are still other options for fixing the vulnerability. iOS security researcher Jonathan Zdziarski says he'd like to see a "non-enterprise" mode for iPhones, since only a tiny fraction of devices will ever need the enterprise side-loading features. Apple could also encrypt devices' pair records, which would give connected computers less of a view into device activity. On the more technical side, Apple could use the iPhone's secure element to validate applications, giving apps the same level of security as a user's banking information. It remains to be seen how much Apple will want to change as a result of Wirelurker, but if the company decides to tighten up, there are plenty of ways to do it.
If Apple hasn't looked at these options before, it's because it's never had to. While Android has struggled with waves of malware and piracy, the App Store has kept iOS spotless. Centrally certified software is a genuinely effective way to stop viruses, and with the App Store model in place, there's no reason Apple couldn't keep its perfect record. If cracks are showing, it's only because selling iPhones to businesses was too attractive to pass up. It's a question of politics rather than code: how much virus risk is Apple willing to tolerate to keep its enterprise business safe?