Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta - MacRumors
Skip to Content

Apple Patches Two Security Vulnerabilities Impacting Mail App in iOS 13.4.5 Beta

by

San Francisco-based cybersecurity company ZecOps today announced that it has uncovered two zero-day security vulnerabilities affecting Apple's stock Mail app on iOS devices, as noted by Motherboard and The Wall Street Journal.

mail ios app icon
ZecOps claims that one of the vulnerabilities enables an attacker to remotely infect an iOS device by sending emails that consume a significant amount of memory, while another could allow remote code execution capabilities. Successful exploitation of the vulnerabilities is said to allow an attacker to leak, modify, and delete a user's emails.

Targets of the vulnerabilities have apparently included corporate executives and government officials rather than average end users.

The vulnerabilities are said to impact all software versions between iOS 6 and iOS 13.4.1. ZecOps said that Apple has patched the vulnerabilities in the latest beta of iOS 13.4.5, which should be publicly released within the coming weeks. In the meantime, ZecOps recommends using a third-party email app like Gmail or Outlook, which are apparently not impacted.

Related Forum: iOS 13

Popular Stories

Dynamic Island iPhone 18 Pro Feature

11 Reasons to Wait for the iPhone 18 Pro

Monday May 11, 2026 9:01 am PDT by
We're only four months out from the launch of Apple's premium next-generation smartphone lineup, and while we're not expecting a sea change in terms of functionality, there are still several enhancements rumored to be coming to the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth noting is that Apple is reportedly planning a major change to its iPhone release cycle this year, adopting a...
Read Full Article35 comments
General Apps Reddit Feature

Reddit Starts Blocking Mobile Website, Pushing Users to App Instead

Monday May 11, 2026 6:10 am PDT by
Social network Reddit recently began blocking mobile visitors to its website while pushing them to download the official Reddit app, and it's fair to say that the move is not going down well with users. If you visit reddit.com on your iPhone today, you may see a new popup that can't be dismissed, asking you to "get the app to keep using Reddit." A Reddit spokesperson told Ars Technica...
Read Full Article124 comments
iOS 26

iOS 26.5 Features: Everything New in iOS 26.5

Monday May 11, 2026 5:09 pm PDT by
Apple released iOS 26.5 after a few months of beta testing, and while it doesn't have the Siri features we were hoping for since those are being held until iOS 27, there are a handful of useful changes worth knowing about. Subscribe to the MacRumors YouTube channel for more videos. End-to-End Encryption for RCS Support for end-to-end encryption (E2EE) for RCS messages between iPhone and...
Read Full Article56 comments

Top Rated Comments

N
Nimrad
79 months ago
There are also some critical usability issues that need to fixed asap.
Score: 27 Votes (Like | Disagree)
F
fbr$
79 months ago

ZecOps recommends using a third-party email app like Gmail
I stopped reading there...
Score: 16 Votes (Like | Disagree)
M
Mick-Mac
79 months ago
The ONE thing I like about Apple's Mail (on both the Mac and iOS) is that Apple demonstrably respect your privacy. Everybody else pretty much doesn't (except for paid services like proton mail). So I use Apple's Mail, however it is just a piece of junk compared to everything else out there. It's good that security bugs are found and fixed, but in the name of all things holy can somebody at Apple please dip their little finger into that hoard of cash they own and just FIX mail. Make it something they can take pride in and not be a magnet for endless frustration for their customers.
Score: 12 Votes (Like | Disagree)
I7guy Avatar
I7guy
79 months ago

I guess everyone with devices that can't run iOS 13 need to just buy new hardware.
My guess is Apple will roll this into ios 12, when ios 13.4.5 is released.
Score: 12 Votes (Like | Disagree)
H3LL5P4WN Avatar
H3LL5P4WN
79 months ago
How considerate of them to tell Apple first and allow it to be patched before publicly disclosing it.

/s
Score: 11 Votes (Like | Disagree)
Itada Avatar
Itada
79 months ago

How considerate of them to tell Apple first and allow it to be patched before publicly disclosing it.

/s
Except that the cat was already out of the bag: they were already being exploited, for years. ZecOps found them by investigating the aftermath of successful attacks.
Score: 10 Votes (Like | Disagree)
Read All Comments