iPhone vulnerability targets Apple's iOS Mail app
A newly disclosed iPhone vulnerability gives hackers yet another reason to love email.
According to the San Francisco-based security firm ZecOps, bad actors have discovered a way to attack iOS devices via their default email app. And here's the real kick to the guts: In some cases, you don't even have to be tricked into opening the email. The damage is done simply by your phone downloading the malicious email in the background.
ZecOps published details of the vulnerability on Monday, claiming it has seen the attack "widely exploited in the wild." In other words, ZecOps is saying this isn't just some theoretical bug. Rather, people have actually used it in targeted attacks. The vulnerability affects, to some degree, every version of Apple's operating system from iOS 6 and up.
"The vulnerability allows remote code execution capabilities and enables an attacker to remotely infect a device by sending emails that consume significant amount of memory," explains ZecOps. "The vulnerability can be triggered before the entire email is downloaded, hence the email content won’t necessarily remain on the device."
Phones running iOS 13 are particularly vulnerable, as they reportedly don't even need to open the email for it to do its work. If you're running iOS 12, you're a tad bit better off — you have to click the email first, but your phone is ultimately still at risk if you do so.
We reached out to Apple to both confirm ZecOps report and to determine when, if ever, it plans to issue a patch. Apple confirmed that a vulnerability in Mail is patched in the iOS 13.4.5 beta, which is out now, and will be included in an upcoming software update.
This, reportedly, is what a failed attack looks like on an iPhone.Credit: zecopsAt present, assuming you're not running a beta version of iOS, ZecOps says there is no way to prevent this attack other than to disable the default iOS mail app.
So, should you actually be worried about this? Well, that depends. Are you someone with valuable information that a nation-state might want a piece of? If so, then possibly.
Victims of this attack, claims ZecOps, include "individuals from a Fortune 500 organization in North America," "an executive from a carrier in Japan," "a VIP from Germany," "[managed security service providers] from Saudi Arabia and Israel," and "a Journalist in Europe."
SEE ALSO: As coronavirus spreads, yet another company brags about tracking you
In other words, your average Joe doesn't need to stress about this too much.
Still, it's worth keeping in mind that no operating system is completely hack-proof. And yes, that even includes Apple's. Oh yeah, and it also serves as a stark reminder that you should always make sure your phone is running the latest version of iOS — whether you're an average Joe or not.
-
The Weird, Wonderful World of Water TowersFamily yearns to see boxing legend one last timeRampant speculation surrounds US换位思考真情服务 换角体验真心为民Why Kamala Harris triggers Donald Trump so intensely.'US may offer sanctions relief to North Korea'Trump signals more meetings after HanoiApple is exploring an even thinner iPhone for its 2025 lineupPixel 9 Pro XL hands获评优秀!东源县晒出2023年“百千万工程”成绩单
- ·Cicadas love to land on people. Experts explain why.
- ·把握关键 突出重点 提高教育质量
- ·Vietnam making all
- ·[Newsmaker] South Korean authorities, private preschools on collision course
- ·11 Places to See Tiny Trains
- ·上班前不吃有浓烈异味的食品
- ·How to turn off Google AI Overviews
- ·我国建立“野生稻种质库+种质圃+原生境保护点”完善体系
- ·Scientists discover where the huge dinosaur
- ·'Avengers: Infinity War' and Star
- ·Watch: 'The Karate Kid' sequel 'Cobra Kai' stars on 'The Today Show'
- ·Trump says Japan's PM nominated him for Nobel Peace Prize
- ·New Grok response directs users to Vote.gov for election questions
- ·Moon calls for bold shift to 'new Korean Peninsula regime'
- ·用花岗石废料生产微晶玻璃 荥经一企业专利获省三等奖
- ·N. Korean leader thanks Vietnam for welcoming him
- ·[LLG] When compassion meets law: Lawyer defends goats, dogs, other helpless animals
- ·[Video] Violence erupts at Liberty Korea Party national convention as union stages surprise protest
- ·Agency blames Chinese fireworks for recent fine dust pollution
- ·Koreas to field joint teams in 4 sports at 2020 Tokyo Olympics
- ·Our galaxy might crash into Andromeda. What would happen to Earth?
- ·North Korea has long way to go to denuclearize, but Yongbyon offer 'significant': ex
- ·'Great British Bake Off' finale is tonight, and British Twitter is going to explode
- ·North Korea speeds construction spree in Samjiyon
- ·It's Unnecessary But, AMD Is Basically Lying About CPU Performance
- ·'US may offer sanctions relief to North Korea'
- ·Best Labor Day headphones deals: Apple, Bose, Beats, and more on sale
- ·Man reunites with stolen dog after emailing Amazon CEO Jeff Bezos
- ·Kim, Trump arrive in Hanoi for make
- ·Trump says Japan's PM nominated him for Nobel Peace Prize
- ·Tesla Robotaxis aren't coming in August, it seems
- ·Pope Francis met with gay couple before Kim Davis.
- ·Chemistry Nobel Prize for DNA repair work by Lindahl, Modrich, Sancar.
- ·OpenAI drops ChatGPT’s ‘Sky’ voice after Scarlett Johansson 'Her' comparisons
- ·Arshad Nadeem receives Hilal
- ·Bolton in Hanoi for North Korea summit