The other day, researchers revealed that they had discovered a vulnerability in the email app on iOS devices. This vulnerability is quite serious because it seems that users don’t even need to open the email in order for it to be exploited. All that needs to happen is that the person receives it and the attacker can then execute code remotely.Apple has since responded to the claims where in a tweet by Rene Ritchie, the company seems to be downplaying the severity of the vulnerability, and also claiming that to date, they have not discovered any evidence to suggest that the vulnerability was exploited and that customers had been affected by it.
According to Apple, “We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.”
https://twitter.com/reneritchie/status/1253517061944422410
It should be noted that Apple was notified of the issue several months ago and worked with the researchers to fix it. The fix has yet to be released, but it is expected to come in an upcoming iOS update, so do keep an eye out for it when it is eventually released.