Menu
Apple admits to widespread iOS Mail security threat but claims no ‘immediate risk’

Apple admits to widespread iOS Mail security threat but claims no ‘immediate risk’

Fix coming 'soon'

Credit: Dreamstime

After a security firm uncovered a flaw in Apple’s iOS Mail app that “allows remote code execution capabilities and enables an attacker to remotely infect a device by sending emails that consume significant amount of memory,” the technology giant is assuring users that it doesn’t pose an immediate risk.

In a statement to the market, Apple assured users that the protections in place on iPhones and iPads are strong enough to mitigate any potential risk. “The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections.”

In its findings, security researcher ZecOps said the flaws “would allow the attacker to leak, modify, and delete emails.”

Users who were the recipient of “failed attacks” might see emails displaying the fairly common, “this message has content” warning. Affected users wouldn’t notice any changes on their device other than “a temporary slowdown” of the Mail app, ZecOps said. The flaws existed since iOS 6, the company says.

While the flaws were “triggered in-the-wild,” according to ZecOps, it said the bugs alone “cannot cause harm to iOS users – since the attackers would require an additional infoleak bug & a kernel bug afterwards for full control over the targeted device.” In its statement, Apple said it has “found no evidence they were used against customers.”

Apple said the vulnerabilities will be addressed in an upcoming software update and has already provided a beta patch in IOS 13.4.5 that ZecOps confirms fixes the issue. If you want to install the patch before its public release, you can join Apple’s iOS Public Beta program.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Appleiossecurity

Events

Featured

Slideshows

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments