Earlier this week security company ZecOps reported a vulnerability in iOS and iPadOS Mail app that could result in attackers taking over the iPhone or iPad using a tampered mail. [Read more here: iPhone Mail app ‘vulnerable to hackers’]
Now Apple has responded, claiming that the security flaw is not critical and confirming that a iOS and iPadOS patch is already on the way.
Apple told to Bloomberg’s Mark Gurman that the researcher’s report has been “thoroughly investigated” because Apple “takes all reports of security threats seriously”.
Apple responds to ZecOps report on Mail app vulnerabilities, says it doesn’t pose immediate risk and software update coming. pic.twitter.com/z4ExrmVfK8
— Mark Gurman (@markgurman)
April 24, 2020
“Based on the information provided, [we] have concluded these issues do not pose an immediate risk to our users.”
“The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections.”
Apple claimed: “We have found no evidence that they were used against customers.” However, Zecops had claimed the opposite, reporting attacks on individuals in the United States and journalists in Europe.
The German Federal Office for Information Security (BSI) warned that due to the loophole: “It is potentially possible to read, change and delete emails”.
This article originally appeared on Macwelt. Translation by Karen Haslam.
Via MACWORLD