Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta

by

San Francisco-based cybersecurity company ZecOps today announced that it has uncovered two zero-day security vulnerabilities affecting Apple's stock Mail app on iOS devices, as noted by Motherboard and The Wall Street Journal.

mail ios app icon
ZecOps claims that one of the vulnerabilities enables an attacker to remotely infect an iOS device by sending emails that consume a significant amount of memory, while another could allow remote code execution capabilities. Successful exploitation of the vulnerabilities is said to allow an attacker to leak, modify, and delete a user's emails.

Targets of the vulnerabilities have apparently included corporate executives and government officials rather than average end users.

The vulnerabilities are said to impact all software versions between iOS 6 and iOS 13.4.1. ZecOps said that Apple has patched the vulnerabilities in the latest beta of iOS 13.4.5, which should be publicly released within the coming weeks. In the meantime, ZecOps recommends using a third-party email app like Gmail or Outlook, which are apparently not impacted.

Top Rated Comments

Nimrad Avatar
Nimrad
14 months ago
There are also some critical usability issues that need to fixed asap.
Score: 27 Votes (Like | Disagree)
fbr$ Avatar
fbr$
14 months ago

ZecOps recommends using a third-party email app like Gmail
I stopped reading there...
Score: 16 Votes (Like | Disagree)
Mick-Mac Avatar
Mick-Mac
14 months ago
The ONE thing I like about Apple's Mail (on both the Mac and iOS) is that Apple demonstrably respect your privacy. Everybody else pretty much doesn't (except for paid services like proton mail). So I use Apple's Mail, however it is just a piece of junk compared to everything else out there. It's good that security bugs are found and fixed, but in the name of all things holy can somebody at Apple please dip their little finger into that hoard of cash they own and just FIX mail. Make it something they can take pride in and not be a magnet for endless frustration for their customers.
Score: 12 Votes (Like | Disagree)
I7guy Avatar
I7guy
14 months ago

I guess everyone with devices that can't run iOS 13 need to just buy new hardware.
My guess is Apple will roll this into ios 12, when ios 13.4.5 is released.
Score: 12 Votes (Like | Disagree)
H3LL5P4WN Avatar
H3LL5P4WN
14 months ago
How considerate of them to tell Apple first and allow it to be patched before publicly disclosing it.

/s
Score: 11 Votes (Like | Disagree)
Itada Avatar
Itada
14 months ago

How considerate of them to tell Apple first and allow it to be patched before publicly disclosing it.

/s
Except that the cat was already out of the bag: they were already being exploited, for years. ZecOps found them by investigating the aftermath of successful attacks.
Score: 10 Votes (Like | Disagree)
Read All Comments

Top Stories

tracking disabled ios 14 5

Analytics Suggest 96% of Users Leave App Tracking Disabled in iOS 14.5

Friday May 7, 2021 1:51 am PDT by
An early look at an ongoing analysis of Apple's App Tracking Transparency suggests that the vast majority of iPhone users are leaving app tracking disabled since the feature went live on April 26 with the release of iOS 14.5. According to the latest data from analytics firm Flurry, just 4% of iPhone users in the U.S. have actively chosen to opt into app tracking after updating their device...
Read Full Article212 comments
macbook colors 3d black bezels

Prosser: Next MacBook Air Could Come in Colors Similar to iMac

Friday May 7, 2021 6:55 am PDT by
According to Apple leaker Jon Prosser, Apple's upcoming release of the MacBook Air will feature various colors, similar to the colors in the newly released 24-inch iMac. In the latest video of his YouTube channel Front Page Tech, Prosser says the same source who accurately provided him information on the first Apple silicon iMac coming in colors has told him that he recently saw a prototype...
Read Full Article334 comments
snapchat dark mode

Snapchat Rolls Out Dark Mode on iOS

Wednesday May 5, 2021 1:17 am PDT by
Nearly two years following the release of iOS and iPadOS 13, which included native, built-in, and systemwide dark mode, Snapchat, one of the world's most prominent social media networks, has finally rolled out a dark mode theme for iOS users. Snapchat began testing a dark mode theme of its app design late last year with a small group of iOS users. Now, Snapchat says that as of this week, it...
Read Full Article19 comments
tile amazon sidewalk integration

Tile to Leverage Amazon Echo and Ring Devices to Better Compete With AirTags

Friday May 7, 2021 2:07 pm PDT by
Amazon today announced that it is teaming up with Tile to add Amazon Sidewalk integration to Tile's Bluetooth trackers. Amazon Sidewalk, for those unfamiliar, is a network of Amazon Bluetooth devices that's designed to improve the connectivity of devices like the Ring and Amazon Echo. Tile will now be joining Amazon Sidewalk, and through this integration, Amazon Echo and Ring devices will be ...
Read Full Article157 comments
tile sticker e1570533758981

Tile CEO: 'We Welcome Competition From Apple, But We Think It Needs to Be Fair'

Tuesday May 4, 2021 9:51 am PDT by
Just after Apple announced its AirTags, Tile CEO CJ Prober relayed his concerns about competing with Apple in the tracking space, and said that Tile would ask Congress to investigate Apple's business practices specific to Find My and item trackers. Prober this week did an interview with Bloomberg, where he further expanded on Tile's complaints about Apple and why he feels that Tile is...
Read Full Article453 comments
airtag 1

AirTag Anti-Stalking Measures 'Just Aren't Sufficient' Says Washington Post Report

Wednesday May 5, 2021 6:03 pm PDT by
The safeguards that Apple built into AirTags to prevent them from being used to track someone "just aren't sufficient," The Washington Post's Geoffrey Fowler said today in a report investigating how AirTags can be used for covert stalking. Fowler planted an AirTag on himself and teamed up with a colleague to be pretend stalked, and he came to the conclusion that the AirTags are a "new means...
Read Full Article416 comments
signal instagram ads3

Signal Shares the Instagram Ads Facebook Doesn't Want You to See

Wednesday May 5, 2021 1:29 am PDT by
Encrypted messaging app Signal has had a series of Instagram ads blocked from the social media platform, after it attempted to show users how much data the Facebook-owned company collects about them and how it's used to push targeted ads. In a blog post, Signal described how it generated the ads to show users why they were seeing them, simply by declaring upfront the information that the...
Read Full Article102 comments
fortnite apple logo 2

Epic CEO Tim Sweeney Admits App Store's 30% Cut Is Similar to Consoles, Would Have Accepted Special Deal With Apple

Tuesday May 4, 2021 1:54 pm PDT by
Apple's legal battle with Epic Games is continuing on, and during the second day of the trial, Epic Games' CEO Tim Sweeney continued his testimony against Apple. Sweeney was grilled by Apple's lawyers, and made several points seemingly favorable to Apple. In addition to mentioning how he prefers Apple's iPhone and values Apple's privacy policies that he's aiming to dismantle, Sweeney...
Read Full Article210 comments
iphone 12 preorder purple

Apple Begins Transition to Randomized Serial Numbers With Purple iPhone 12

Wednesday May 5, 2021 9:17 am PDT by
MacRumors previously reported about Apple's plan to switch to randomized serial numbers for future products starting in early 2021, and this transition has now started with the new purple iPhone 12 model in multiple countries. With assistance from Aaron Zollo, host of the YouTube channel ZolloTech, we can confirm that the purple iPhone 12 released last month has a new 10-character serial...
Read Full Article82 comments
precision finding developer mode

AirTag Precision Finding Interface Includes Hidden 'Developer Mode'

Thursday May 6, 2021 1:32 am PDT by
A frustrated AirTag owner has inadvertently discovered the existence of a hidden "developer mode" in the on-screen interface that Find My displays when the Precision Finding feature is activated to help locate one of Apple's item trackers. Precision Finding is a feature that provides users with specific on-screen directions for finding a nearby AirTag. iPhones with a U1 chip, which includes ...
Read Full Article53 comments