Latest in Gear

Image credit: hocus-focus via Getty Images

Apple says Mail app vulnerabilities don't pose an 'immediate risk' to users

It also found "no evidence" that the it was exploited in the wild.
Steve Dent, @stevetdent
April 24, 2020
212 Shares
Share
Tweet
Share

Sponsored Links

İstanbul, Turkey - December 13, 2013: Close up shot of the applications of iPhone 5 screen. The iPhone 5 is a touchscreen smartphone developed by Apple Inc.
hocus-focus via Getty Images

Apple has downplayed the danger of a Mail bug disclosed recently by a security firm, according to a tweet from analyst Rene Ritchie. According to ZecOps, the app has a zero-day exploit that could let attackers infect your iOS device even if you don’t click on links or take other actions. Furthermore, ZecOps said it had evidence that attackers had attempted to use the flaw for at least two years against six or more potential targets around the world.

However, Apple told Ritchie that the issues discovered by ZecOps are “insufficient [alone] to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.” Apple added that “these issues do not pose an immediate risk to our users...these potential issues will be addressed in a software update soon.”

ZecOps originally said that it found its evidence through digital clues left behind in iOS, adding that it couldn’t obtain proof in the form of messages as they had been deleted from targets’ phones. In a response to Apple's statement, the company reiterated its stance that it had seen "triggers in-the-wild" for the exploit and that once the update has been pushed to users it will "release more information and POCs (proof of concepts)" to further clarify its original findings.

A security researcher from Jamf told the WSJ that the evidence of attacks was “compelling” but not authoritative. In any even, while Apple is now saying that the vulnerabilities weren’t exploited in the wild, they were clearly still serious enough to warrant a patch.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
212 Shares
Share
Tweet
Share

Popular on Engadget

The 2020 Engadget Holiday Gift Guide

The 2020 Engadget Holiday Gift Guide

View
Scientists find neutrinos from star fusion for the first time

Scientists find neutrinos from star fusion for the first time

View
The best Black Friday tech deals that are already available

The best Black Friday tech deals that are already available

View
Apple's Intel-powered MacBook Air falls to $799 ahead of Black Friday

Apple's Intel-powered MacBook Air falls to $799 ahead of Black Friday

View
Apple's entry-level iPad returns to $299 for Black Friday

Apple's entry-level iPad returns to $299 for Black Friday

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr