Apple claims the email bug was not used to exploit iPhone, iPad users

04/24/2020 Technology



[ad_1]

apple, apple mail, apple mail error, apple mail ios, ipados, macos, latest technology news

Apple claims that the email error did not exploit any iPhone or iPad user.

Apple found no evidence in a report from cyber security company ZecOps that it discovered two vulnerabilities in Apple iOS mail that they believed were widely exploited in nature to target iPhone and iPad users. Security researchers at San Francisco-based ZecOps discovered the bugs in the default iOS and iPadOS email app. Errors allow remote code to run in the context of MobileMail (iOS 12) or maild (iOS 13). Successful exploitation of this vulnerability would allow the attacker to filter, modify, and delete emails.

“Apple takes all reports of security threats seriously. We have thoroughly investigated the investigator’s report and, based on the information provided, we have concluded that these problems do not pose an immediate risk to our users,” the technology giant said in a released Thursday.

The company added that the researcher identified three problems in Mail, “but by themselves they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence that they were used against customers.”

ZecOps had said that “the additional core vulnerability would provide full access to the device; we suspect these attackers had another vulnerability. It is currently under investigation.”

Also, in iOS 13, end users do not need to take any action for exploitation to be successful. In iOS 12, the bug requires the victim to click on an email. If an attacker controls the mail server, the attack can also be performed without clicks on iOS 12, the researchers said.

iOS is vulnerable to these bugs since at least iOS 6 – September 2012, ZecOps said, adding that it did not verify previous versions. MacOS is not vulnerable to these errors, he added.

Apple said these potential issues will be addressed in a software update soon. “We value our collaboration with security investigators to help keep our users safe and we will credit the investigator for their help,” the company said.

Latest technology news

Fight against coronavirus: full coverage



[ad_2]

Tags

Designed by Tricksfast Solutions
© Copyright 2024, All Rights Reserved