Apple Downplays iOS Email Exploit, Says No Evidence Of Exploit Being Used

The other day, researchers revealed that they had discovered a vulnerability in the email app on iOS devices. This vulnerability is quite serious because it seems that users don’t even need to open the email in order for it to be exploited. All that needs to happen is that the person receives it and the attacker can then execute code remotely.

Apple has since responded to the claims where in a tweet by Rene Ritchie, the company seems to be downplaying the severity of the vulnerability, and also claiming that to date, they have not discovered any evidence to suggest that the vulnerability was exploited and that customers had been affected by it.

According to Apple, “We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.”

See more

Apple's comment on the ZecOps claim of a Mail .app exploit (full text in image description):

TL;DR: "The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections." pic.twitter.com/hfE2xlzHUv

— Rene Ritchie (@reneritchie) April 24, 2020

It should be noted that Apple was notified of the issue several months ago and worked with the researchers to fix it. The fix has yet to be released, but it is expected to come in an upcoming iOS update, so do keep an eye out for it when it is eventually released.

Tyler Lee
Categories: Apple, Cellphones
Tags: Hack, iOS, Security