Categories: NewsTech

Report: iPhone’s native Mail app has an eight-year-old security flaw

Researchers from a cybersecurity startup in the U.S. have published a report claiming that the Mail app in iOS has a serious security flaw that hackers can exploit. The exploit has apparently been around since 2012 on iOS 6, and is still present in the current official iOS version from Apple.

The vulnerability was first noticed by ZecOps when dealing with random crashes on the iPhones of their customers. Having investigated the issue, the researchers notified Apple—who have reportedly patched the vulnerability in the latest iOS beta release.

While an update could be coming soon, this means that current iOS users could be vulnerable to hackers via remote code execution capabilities—all without having to download anything. The way it works, perpetrators send disguised emails to victims which, when opened, infect the victim’s machine.

SOURCE: ZecOps

“Based on ZecOps Research and Threat Intelligence, we surmise with high confidence that these vulnerabilities – in particular, the remote heap overflow – are widely exploited in the wild in targeted attacks by an advanced threat operator(s).”

However, it’s worth noting that ZecOps did not provide much in the way of hard evidence, saying that the infected email messages were remotely detonated. The report also alleges that a string of prominent individuals, including individuals from a Fortune 500 country, a VIP from Germany, and so on. While the names aren’t revealed for privacy purposes, “A Journalist in Europe” is a little vague.

To stay protected, ZecOps says that you should disable the native Mail app in iOS, and use an alternative instead. When the update is available, users are advised to update as soon as possible.

“To mitigate these issues—you can use the latest beta available. If using a beta version is not possible, consider disabling Mail application and use Outlook or Gmail that are not vulnerable.”

Or, y’know, you could switch to an Android phone.

[ SOURCE ]

Recent Posts

MAG introduces Malaysia Airlines’ first A330neo, serving KL to Melbourne route

Malaysia Aviation Group (MAG) has celebrated the arrival of Malaysia Airlines' first Airbus A330-900 (A330neo)…

33 minutes ago

Samsung Galaxy S25 series might look pretty familiar, but is that a camera shutter button?

We've previously reported that Samsung's next generation of non-foldable flagship smartphones, the Samsung Galaxy S25…

54 minutes ago

Yes 5G now lets you roam in 12 countries including South Korea from RM10/day

Yes 5G has expanded its Yes Roam ASEAN Plus Data Roaming offering which now covers…

8 hours ago

This foldable smartphone redefines its segment with next-level design and performance

This post is brought to you by HUAWEI. In Q1 2024, HUAWEI captured an impressive…

22 hours ago

TM confirms staff and contractors involved in cable theft incident in Penang

Telekom Malaysia (TM) has acknowledged a cable theft incident in Tanjung Bungah, Penang involving their…

1 day ago

Acer Revo Box Mini PC launched in Malaysia – 13th Gen Intel Core i5 & i7, priced from RM2,049

Acer has launched the Acer Revo Box Mini PC here in Malaysia. Offered in two…

1 day ago

This website uses cookies.