Header Ads

Apple patches major security flaw found on iOS 6 and later

Apple claims that the latest iOS 13.4.5 beta fixes the security exploit that security firm ZecOps reported affecting Mail app.
Apple patches major security flaw found on iOS 6 and later
File photo: iPhone XS, still the best iPhone for one-handed use

Previously unknown security flaw fixed after 6 iOS generations

ZecOps reveals Mail app vulnerability
ZecOps reveals Mail app vulnerability

Security firm ZecOps published a report that claims of the discovery of two major security vulnerabilities that were previously unidentified. The exploit would allow attackers remotely access, modify, and delete emails from Mail app users.

If you want to know if you are affected by this exploit, you can visit ZecOps blog page at this link and go to the "Were you Targeted by this vulnerability" and click on "Check Now".

ZecOps explains in detail that all attackers need to do to take advantage of the exploit is to craft emails that trigger the security vulnerability which results in granting attackers remote access. In iOS 12, attackers would require the unknowing user to click on a malicious email. However, in the latest iOS 13 where Mail opens the main in the background, attackers don't need assistance or a click from the user.

What makes matters worse is that the exploit has been present in the Mail app since iOS 6. The exploit has been around for over several generations without it being revealed.

In an official statement by Apple that you can read, the company said "Apple take all reports of security threats seriously. We have thoroughly investigated the researcher's report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers."

Lastly, ZecOps reports that Apple has patched the vulnerability with the latest iOS 13.4.5 beta release. This means that a patch that fixes the bug will arrive to iOS users worldwide soon.

What do you guys think?

Powered by Blogger.