• Home
  • Apps
  • iOS
  • News
  • Apple Denies iOS Mail Vulnerabilities Pose Any Immediate Threat, But a Patch Is on the Way

Apple Denies iOS Mail Vulnerabilities Pose Any Immediate Threat, But a Patch Is on the Way

Apple Denies  iOS Mail Vulnerabilities Pose Any Immediate Threat, But a Patch Is on the Way

Apple, responding to a recent report on iOS Mail app vulnerabilities, denies that the issues pose an immediate risk to users.

Earlier this week cybersecurity firm ZecOps revealed that it had discovered two zero-day security vulnerabilities that affects Apple’s Mail app for iPhones and iPads.

ZecOps explains the vulnerabilities as follows:

  • The vulnerability allows remote code execution capabilities and enables an attacker to remotely infect a device by sending emails that consume a significant amount of memory
  • The vulnerability does not necessarily require a large email – a regular email that is able to consume enough RAM would be sufficient. There are many ways to achieve such resource exhaustion including RTF, multi-part, and other methods
  • Both vulnerabilities were triggered in-the-wild
  • The vulnerability can be triggered before the entire email is downloaded, hence the email content won’t necessarily remain on the device

Apple has responded to the report by saying the flaws do not pose an immediate threat to iOS Mail users:

“Apple takes all reports of security threats seriously. We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers. These potential issues will be addressed in a software update soon. We value our collaboration with security researchers to help keep our users safe and will be crediting the researcher for their assistance.”

The vulnerabilities are believed to affect all iOS software versions between iOS 6 and iOS 13.4.1. ZecOps reports that Apple has patched the security holes in the latest beta of iOS 13.4.5, which should be released sometime in the next few weeks. Until the patch is available, ZecOps recommends using a third-party email app like Gmail or Outlook, which do not include the vulnerabilities.

  1. 216957 646535Some times its a discomfort within the ass to read what men and women wrote but this web site is real user genial ! . 653070

  2. vendor cvv says:

    567245 148781Absolutely pent topic matter, regards for entropy. 777481

  3. 944986 76008Right after study numerous of the content material within your web site now, and i also truly considerably like your way of blogging. I bookmarked it to my bookmark site list and are checking back soon. Pls take a look at my web page also and inform me how you feel. 927189

  4. cvv with dob says:

    217005 162123I got what you mean ,bookmarked , really good internet website . 328000

  5. 286354 409377I definitely did not recognize that. Learnt 1 thing new today! Thanks for that. 856697

  6. 302252 751538Hey, you used to write fantastic, but the last couple of posts have been kinda boring I miss your tremendous writings. Past few posts are just slightly out of track! come on! 404459

  7. 977578 313501I truly enjoy examining on this website , it has excellent content . 989480

  8. betmate says:

    에볼루션접속 먹튀검증 안전노리터 go

  9. sbobet says:

    321143 125602hi this post help me full . .in case you want watches men check out my internet sites is extremely aid you for men watches. .thank man great job. 983202

Leave a Reply

Your email address will not be published.