Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta

by

San Francisco-based cybersecurity company ZecOps today announced that it has uncovered two zero-day security vulnerabilities affecting Apple's stock Mail app on iOS devices, as noted by Motherboard and The Wall Street Journal.

mail ios app icon
ZecOps claims that one of the vulnerabilities enables an attacker to remotely infect an iOS device by sending emails that consume a significant amount of memory, while another could allow remote code execution capabilities. Successful exploitation of the vulnerabilities is said to allow an attacker to leak, modify, and delete a user's emails.

Targets of the vulnerabilities have apparently included corporate executives and government officials rather than average end users.

The vulnerabilities are said to impact all software versions between iOS 6 and iOS 13.4.1. ZecOps said that Apple has patched the vulnerabilities in the latest beta of iOS 13.4.5, which should be publicly released within the coming weeks. In the meantime, ZecOps recommends using a third-party email app like Gmail or Outlook, which are apparently not impacted.

Related Forum: iOS 13

Top Rated Comments

Nimrad Avatar
Nimrad
52 months ago
There are also some critical usability issues that need to fixed asap.
Score: 27 Votes (Like | Disagree)
fbr$ Avatar
fbr$
52 months ago

ZecOps recommends using a third-party email app like Gmail
I stopped reading there...
Score: 16 Votes (Like | Disagree)
Mick-Mac Avatar
Mick-Mac
52 months ago
The ONE thing I like about Apple's Mail (on both the Mac and iOS) is that Apple demonstrably respect your privacy. Everybody else pretty much doesn't (except for paid services like proton mail). So I use Apple's Mail, however it is just a piece of junk compared to everything else out there. It's good that security bugs are found and fixed, but in the name of all things holy can somebody at Apple please dip their little finger into that hoard of cash they own and just FIX mail. Make it something they can take pride in and not be a magnet for endless frustration for their customers.
Score: 12 Votes (Like | Disagree)
I7guy Avatar
I7guy
52 months ago

I guess everyone with devices that can't run iOS 13 need to just buy new hardware.
My guess is Apple will roll this into ios 12, when ios 13.4.5 is released.
Score: 12 Votes (Like | Disagree)
H3LL5P4WN Avatar
H3LL5P4WN
52 months ago
How considerate of them to tell Apple first and allow it to be patched before publicly disclosing it.

/s
Score: 11 Votes (Like | Disagree)
Itada Avatar
Itada
52 months ago

How considerate of them to tell Apple first and allow it to be patched before publicly disclosing it.

/s
Except that the cat was already out of the bag: they were already being exploited, for years. ZecOps found them by investigating the aftermath of successful attacks.
Score: 10 Votes (Like | Disagree)
Read All Comments

Popular Stories

maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Read Full Article263 comments
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Read Full Article390 comments
iPhone 15 Pro FineWoven

Apple Reportedly Stops Production of FineWoven Accessories

Sunday April 21, 2024 6:03 am PDT by
Apple has stopped production of FineWoven accessories, according to the Apple leaker and prototype collector known as "Kosutami." In a post on X (formerly Twitter), Kosutami explained that Apple has stopped production of FineWoven accessories due to its poor durability. The company may move to another non-leather material for its premium accessories in the future. Kosutami has revealed...
Read Full Article444 comments
iOS 17 All New Features Thumb

iOS 17.5 Will Add These New Features to Your iPhone

Sunday April 21, 2024 3:00 am PDT by
The upcoming iOS 17.5 update for the iPhone includes only a few new user-facing features, but hidden code changes reveal some additional possibilities. Below, we have recapped everything new in the iOS 17.5 and iPadOS 17.5 beta so far. Web Distribution Starting with the second beta of iOS 17.5, eligible developers are able to distribute their iOS apps to iPhone users located in the EU...
Read Full Article
iPad And Calculator App Feature

Apple Finally Plans to Release a Calculator App for iPad Later This Year

Tuesday April 23, 2024 9:08 am PDT by
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Read Full Article208 comments