Apple says recently reported iOS Mail vulnerability not an imminent risk to iPhone and iPad users

68comments
Apple says recently reported iOS Mail vulnerability not an imminent risk to iPhone and iPad users
Apple has refuted claims made by the cybersecurity firm ZecOps recently that hackers were able to exploit an iOS vulnerability. The security company had said that the loophole could allow attackers to read, edit, and delete emails on the default Mail app on iPads and iPhones.
 
Additionally, it had also identified some high-profile individuals that it believes were targeted. Although Apple acknowledges the existence of the iOS bug, it says it has found no evidence that it was used against iPhone users.
 

The identified iOS bug is not enough to bypass security protections according to Apple

 
The company asserts that the said vulnerability alone is not sufficient to enable cybercriminals to bypass security. ZecOps, on the other hand, had said that a specially crafted email sent by attackers is enough to exhaust the RAM of a device, letting them break out of protections that exist to prevent the proprietary Mail app from executing malicious code.
 
Apple says it has investigated ZecOps’s report thoroughly and come to the conclusion that the bug does not pose an immediate risk to its customers. The company will patch the problem soon in an update. The issue has already been fixed in the iOS 13.4.5 beta.
 
If you want to be on the safe side until the issue is resolved, it might be a good idea to disable the Mail app temporarily. That’s because even though Apple claims its customers were not targeted using the vulnerability in question, ZecOps had said it could be used in conjunction with other loopholes such as a kernel vulnerability to gain full device access. The security firm has already warned that the attackers seemingly involved in email exploits have also discovered another vulnerability. This is currently being investigated, so we can't say if this particular vulnerability is also being used by attackers.


Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless