watchOS 8.5 Fixes Mail Privacy Protection Loophole That Could Expose IP Addresses

watchOS 8.5 fixes a security vulnerability in the Mail app that could leak a user's IP address when downloading remote content, security researchers have found.

ios15 mail privacy feature
Last year, it emerged that Apple's Mail Privacy Protection feature was undermined by a lack of Apple Watch support. Mail Privacy Protection was a new feature introduced with iOS 15, iPadOS 15, and macOS Monterey that hides your IP address so senders are not able to determine your location or link email habits to your other online activity. It also prevents senders from tracking whether you opened an email, how many times you viewed an email, and whether you forwarded the email.

The feature works by routing all content downloaded by the Mail app through multiple proxy servers to strip your IP address, and then it assigns a random IP address that corresponds to your general region, making email senders see generic information rather than specific information about you.

Apple's legal documentation on Mail Privacy Protection indicates that the feature is available for iPhone, iPad, and Mac only, but security researchers and developers Talal Haj Bakry and Tommy Mysk discovered that since the Apple Watch does not hide a recipient's IP address, it can compromise the overall security provided by Mail Privacy Protection.

The Apple Watch downloads remote content, such as images, using the recipient's real IP address, both when receiving a Mail notification and when opening an email, meaning that even for users who had enabled Mail Privacy Protection on their ‌iPhone‌, their IP address can be exposed.

While Mail Privacy Protection is a feature exclusive to iOS 15, ‌iPadOS 15‌, and ‌macOS Monterey‌, the fact that simply receiving a Mail notification on the Apple Watch could reveal a user's IP address and bypass Mail Privacy Protection on other devices seemed to be an oversight. Now, Bakry and Mysk have found that Apple has fixed the issue in watchOS 8.5.

As of watchOS 8.5, loading remote content is automatically blocked on the Apple Watch, and instead provides an option to "Load Content Directly." Users can also select "Always Load Content Directly" for all new emails or "Ask to Load Content" on a per-email basis. The improvement was not included in watchOS 8.5's release notes.

watchOS 8.5 was released to the public yesterday and the update brings a number of other improvements, including updates to irregular heart rhythm notifications designed to improve atrial fibrillation identification, audio hints in Apple Fitness+ workouts, the ability to authorize Apple TV purchases and subscriptions, and the ability to restore an Apple Watch using an iPhone.

Top Rated Comments

msackey Avatar
9 months ago

The watchOS team really needs a shake-down. I’ve got the newest watch, and it has recently been the glitchiest of all my Apple devices.
Shortcuts on Apple Watch are very glitchy too.

Anytime you have a Prompt with text in which the input is numeric (e.g., “Please input your weight” and the input is numbers only), the Apple Watch will not display the prompt and only ask you to input numbers. When you have a Shortcut with various prompts (e.g., What is your weight? What is your BMI? etc.) you need to see what the prompt is asking otherwise you lose your place and don’t know what the context is for inputting numbers! This doesn’t even need explanining.

This issue has been with us since about the last two Apple WatchOS versions!
Score: 3 Votes (Like | Disagree)
twistedpixel8 Avatar
9 months ago

Security vulnerability is a part of life.

It will always happen.
True, but this one was ridiculous for Apple to miss.
Score: 3 Votes (Like | Disagree)
pdaholic Avatar
9 months ago
The watchOS team really needs a shake-down. I’ve got the newest watch, and it has recently been the glitchiest of all my Apple devices.
Score: 3 Votes (Like | Disagree)
dk001 Avatar
9 months ago
Things like this make you wonder how segregated Apple teams are.
This should not have been missed.
Score: 2 Votes (Like | Disagree)
twistedpixel8 Avatar
9 months ago

The two most egregious glitches for me are the random failure to charge (even with the oem charger) and my inability to turn off screen time downtime. Downtime randomly turns on and I have to reboot the watch to get it to turn off, otherwise the watch is useless. There are other glitches, but those stand out!
I was almost late for work this morning because haptics just completely stopped and my watch alarm is set to vibrate only.
Score: 2 Votes (Like | Disagree)
pdaholic Avatar
9 months ago

Shortcuts on Apple Watch are very glitchy too.

Anytime you have a Prompt with text in which the input is numeric (e.g., “Please input your weight” and the input is numbers only), the Apple Watch will not display the prompt and only ask you to input numbers. When you have a Shortcut with various prompts (e.g., What is your weight? What is your BMI? etc.) you need to see what the prompt is asking otherwise you lose your place and don’t know what the context is for inputting numbers! This doesn’t even need explanining.

This issue has been with us since about the last two Apple WatchOS versions!
The two most egregious glitches for me are the random failure to charge (even with the oem charger) and my inability to turn off screen time downtime. Downtime randomly turns on and I have to reboot the watch to get it to turn off, otherwise the watch is useless. There are other glitches, but those stand out!
Score: 1 Votes (Like | Disagree)

Related Stories

General iOS 15

Apple Seeds Fourth Betas of iOS 15.2 and iPadOS 15.2 to Developers [Update: Public Beta Available]

Thursday December 2, 2021 10:07 am PST by
Apple today seeded the fourth betas of upcoming iOS and iPadOS 15.2 updates to developers for testing purposes, two weeks after seeding the third betas and a month after the launch of iOS 15.1 and iPadOS 15.1. iOS and iPadOS 15.2 can be downloaded through the Apple Developer Center or over the air after the proper profile has been installed on an iPhone or an iPad. iOS and iPadOS 15.2 add ...
icloud mail redesign

Web-Based iCloud Mail Redesign, Hide My Email, and Custom Domain Features Now Live

Monday September 20, 2021 1:00 pm PDT by
Alongside the launch of iOS 15, iPadOS 15, tvOS 15, and watchOS 8, Apple has also pushed an update for its iCloud.com website, introducing a new look for iCloud Mail that's viewed on the web. The new web-based iCloud Mail design looks similar to the Mail apps on devices running iOS 15, iPadOS 15, and the beta version of macOS Monterey. It is a cleaner and more streamlined look than the prior ...
watchOS 8 on Apple Watch feature

Apple Releases watchOS 8.5 With Support for Apple TV Purchase Authorization, Irregular Heart Rhythm Notification Improvements and More

Monday March 14, 2022 9:42 am PDT by
Apple today released watchOS 8.5, the fourth major update to the watchOS 8 operating system that launched in September. watchOS 8.5 comes two months after the launch of watchOS 8.4, which fixed a charging bug. ‌‌watchOS ‌8.5 can be downloaded for free through the dedicated Apple Watch app on the iPhone by going to General > Software Update. To install the new software, the Apple Watch needs...
Edison Mail M1 Mac Support

Edison Mail Updated With Native Support for Apple Silicon Macs

Thursday February 17, 2022 8:02 am PST by
Edison Mail today announced that it has updated its Mac app with native support for Apple silicon, allowing the app to run faster on Macs powered by the M1, M1 Pro, and M1 Max chips. The new version of the app is available now through the Mac App Store. Edison Mail first released a desktop app for the Mac in 2019 with features such as One-Click Unsubscribe for junk emails, Block Sender,...
watchOS 8 on Apple Watch feature

Apple Seeds watchOS 8.4 Release Candidate to Developers

Thursday January 20, 2022 10:10 am PST by
Apple today seeded the release candidate version of an upcoming watchOS 8.4 beta to developers for testing purposes, with the new software coming one week after the launch of the first betas and over a month after the release of watchOS 8.3. To install watchOS 8.4, developers will need to download the configuration profile from the Apple Developer Center. Once installed, ‌‌‌‌watchOS...
watchOS 8 on Apple Watch feature

Apple Releases watchOS 8.4 With Fix for Apple Watch Charging Bug

Wednesday January 26, 2022 9:50 am PST by
Apple today released watchOS 8.4, the third major update to the watchOS 8 operating system that launched in September. watchOS 8.4 comes over a month after the release of watchOS 8.3, an update that added support for the Apple Music Voice Plan. ‌‌watchOS ‌8.4 can be downloaded for free through the dedicated Apple Watch app on the iPhone by going to General > Software Update. To install the...
custom email domain mail ios 15 4

iOS 15.4 Beta Adds Support for Setting Up Custom Email Domains With iCloud Mail

Thursday January 27, 2022 5:25 pm PST by
The iOS 15.4 beta that was introduced today expands support for the custom email domain feature available for iCloud+, adding an option to set up a custom domain with iCloud Mail directly on the iPhone. If you go to Settings > Apple ID > iCloud, "iCloud Mail" is now a tappable option and it includes a section for setting up a Custom Email Domain. Prior to now, custom domains were able to...
ios15 mail privacy feature

Hide My Email Available in Mail App With New iOS 15.2 and macOS Monterey 12.1 Betas

Tuesday November 9, 2021 10:42 am PST by
iCloud+ subscribers who use Hide My Email can do so directly from the Mail app after installing the iOS 15.2, iPadOS 15.2, and macOS Monterey 12.1 betas that came out today. The feature update is outlined in Apple's release notes for the beta, and it should make Hide My Email much more convenient to use on Apple devices. For those unfamiliar with Hide My Email, it is an iOS 15 and macOS...

Popular Stories

applefifthavenue

Man Robbed After Buying 300 iPhones From Apple Fifth Avenue

Tuesday November 29, 2022 11:54 am PST by
An unnamed 27-year-old man who purchased 300 iPhones from Apple Fifth Avenue on Monday morning was robbed shortly after leaving the store, according to 1010Wins Radio in New York. He was carrying 300 iPhone 13s in three bags and walking to his car at 1:45 a.m. when another car pulled up next to him. Two men jumped out and demanded that he hand over the bags. Not wanting to hand over 300...
iOS 16

Apple Releases iOS 16.1.2 With Carrier Improvements and Crash Detection Optimizations

Wednesday November 30, 2022 10:09 am PST by
Apple today released iOS 16.1.2, another minor bug fix update that comes one week after the release of iOS 16.1.1 and three weeks after the launch of iOS 16.1, an update that added support for iCloud Shared Photo Library, Matter, Live Activities, and more. The iOS 16.1.2 update can be downloaded on eligible iPhones over-the-air by going to Settings > General > Software Update. According...
app store awards 2021

Apple Announces 2022 App Store Award Winners, Highlighting Best Apps of the Year

Tuesday November 29, 2022 3:10 am PST by
Apple today announced its 2022 App Store Award winners, highlighting the 16 best apps and games selected by Apple's global App Store editorial team. The top apps were chosen by Apple for their quality, innovative technology, creative design, positive cultural impact, and ability to deliver "exceptional experiences." Apple CEO Tim Cook said: This year's App Store Award winners reimagined...
14 vs 16 inch mbp m2 pro and max feature 1

'M2 Max' Geekbench Scores Leak Online, Revealing Rumored Specs and Performance

Wednesday November 30, 2022 2:39 am PST by
Geekbench scores allegedly for the upcoming "M2 Max" chip have surfaced online, offering a closer look at the performance levels and specific details of the forthcoming Apple silicon processor. The Geekbench results, first spotted on Twitter, are for a Mac configuration of with the M2 Max chip, a 12-core CPU, and 96GB of memory. The Mac listed has an identifier "Mac14,6," which could be...
eufy camera

Anker's Eufy Cameras Caught Uploading Content to the Cloud Without User Consent [Updated]

Tuesday November 29, 2022 1:01 pm PST by
Anker's popular Eufy-branded security cameras appear to be sending some data to the cloud, even when cloud storage is disabled and local only storage settings are turned on. The information comes from security consultant Paul Moore, who last week published a video outlining the issue. According to Moore, he purchased a Eufy Doorbell Dual, which was meant to be a device that stored video...
Apple Park View

Elon Musk Meets With Apple CEO Tim Cook Amid Claims of Twitter App Store Dispute [Updated]

Wednesday November 30, 2022 12:43 pm PST by
Twitter CEO Elon Musk today met with Apple CEO Tim Cook at the Apple Park campus in Cupertino, California, according to a tweet shared by Musk this afternoon. Musk thanked Cook for taking him around Apple's headquarters, with no mention of what the two might have discussed. The meeting comes just after Musk on Monday claimed that Apple has "mostly stopped" offering ads on Twitter, and that...
iphone 11 tesla cybertruck close up

Elon Musk Pledges to Build iPhone Rival If Apple Ousts Twitter

Tuesday November 29, 2022 2:48 am PST by
Elon Musk has pledged to offer an "alternative phone" if Apple and Google remove Twitter from their app stores, adding to long-standing rumors about an iPhone rival from Tesla. Modified iPhone 11 Pro in the style of the Tesla Cybertruck, by Caviar. Musk's remark came after being asked about the potential scenario of Twitter being removed from app stores, which could conceivably happen if the...
Cyber Monday Deals Feature 2022

Best Cyber Monday Apple Deals Still Available for AirPods, Apple TV, iPad, and More

Monday November 28, 2022 5:24 am PST by
The Black Friday and Cyber Monday holiday shopping rush is drawing to a close, but there are still some good deals to be had out there. For Apple products, many of the deals you've seen since last week are still available, though some have expired. So for anyone who missed out on Black Friday deals, there's still an opportunity to get some of the year's best prices on many Apple devices. Note: ...
apple music replay 2022 highlight reel cropped

Apple Music Replay 2022 Revamped With 'Highlight Reel' [Updated]

Tuesday November 29, 2022 4:02 am PST by
Apple today rolled out an updated Apple Music Replay experience for 2022, showcasing a new "highlight reel" feature. Subscribe to the MacRumors YouTube channel for more videos. The overhauled experience, which started to be noticed by Apple Music subcribers on Twitter earlier today, puts the new highlight reel feature at the forefront of the Replay webpage, which users are encouraged to...
iPhone 14 Pro Rear Camera

iPhone 15 to Use 'State-of-the-Art' Image Sensor From Sony for Better Low-Light Performance

Monday November 28, 2022 11:00 am PST by
Apple's upcoming iPhone 15 models will be equipped with Sony's newest "state of the art" image sensors, according to a report from Nikkei. Compared to standard sensors, Sony's image sensor doubles the saturation signal in each pixel, allowing it to capture more light to cut down on underexposure and overexposure. Nikkei says that it is able to better photograph a person's face even with...