Part of Apple’s statement, as received by Ina Fried at Axios:
Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.
Nothing shocking here. The Thunderbolt vulnerability described breathlessly by WikiLeaks is that “Thunderstrike” bug that was patched over two years ago for 2013 and newer Macs. Not surprisingly, keeping your system up to date continues to be the best defence against everyone from script kiddies to intelligence agencies.