General Discussion

WhiteTara

(29,704 posts) Sat Apr 25, 2020, 01:52 AM Apr 2020

Apple Confirms New Warning Affecting Almost All iPhone Users

https://www.forbes.com/sites/gordonkelly/2020/04/23/apple-iphone-exploit-vulnerability-ios-13-mail-problem-iphone-11-pro-max-u-iphone-xs-max-xr-update/amp/

Apple has already released the best iPhone of 2020, but now millions of iPhone owners – both old and new – need to be careful because the company has just confirmed a massive iOS security hole which impacts almost every iPhone on the planet.

Following the publication of a devastating report from security firm ZecOps (covered here by Forbes), which claimed that every iPhone running a version of iOS 6 or newer is vulnerable to remote attacks, Apple has now confirmed the problem is real.

So what are we dealing with? What ZecOps discovered is a serious vulnerability in Apple’s iOS Mail app which allows an attacker to remotely infect an iPhone and gain control over their inbox. In addition, not only did ZecOps find that the attacks can happen without an iPhone owner’s knowledge but they have been happening for more than two years, with the first attack subsequently detected back in January 2018.

And there’s a further kicker: ZecOps found that the attacks are easier to perform on iOS 13 than previous generations of iOS. For example, ZecOps explains that with iOS 12, an attacker requires the iPhone user to open a malicious email. But with iOS 13, it can be triggered unassisted simply from the Mail app being opened in the background.

A fix is at the link.

9 replies

= new reply since forum marked as read

Highlight:

Apple Confirms New Warning Affecting Almost All iPhone Users (Original Post) WhiteTara Apr 2020 OP

Forbes has been running an anti-Apple jihad for months. denem Apr 2020 #1

Anti windows too. Nt ecstatic Apr 2020 #3

Apple Finds No Evidence Hackers Exploited iPhone, iPad Mail Flaw MoonlitKnight Apr 2020 #2

+1 dalton99a Apr 2020 #6

This ought to be good. yortsed snacilbuper Apr 2020 #4

There are a ton of iPads out there that can't be upgraded past iOS 9 or 10... thesquanderer Apr 2020 #5

"Apple has already released the best iPhone of 2020" jayfish Apr 2020 #7

Guess that means nothing new until 21? lindysalsagal Apr 2020 #9

This is why I don't do money in my phone. Ever. Not even credit cards. lindysalsagal Apr 2020 #8

denem

(11,045 posts)

1. Forbes has been running an anti-Apple jihad for months.

Reply to WhiteTara (Original post)

Sat Apr 25, 2020, 01:56 AM

Apr 2020

Titles like, a million reasons to ditch your iPhone.

They are corrupt.

ecstatic

(32,685 posts)

3. Anti windows too. Nt

Reply to denem (Reply #1)

Sat Apr 25, 2020, 02:26 AM

Apr 2020

MoonlitKnight

(1,584 posts)

2. Apple Finds No Evidence Hackers Exploited iPhone, iPad Mail Flaw

Reply to WhiteTara (Original post)

Sat Apr 25, 2020, 02:24 AM

Apr 2020

https://9to5mac.com/2020/04/24/iphone-mail-vulnerabilities/

Apple’s denial

“Bloomberg reports that Apple not only says it can find no evidence to support this claim, but that the vulnerabilities are not sufficient to allow the reported attacks to succeed.

The U.S. company is countering assertions by cybersecurity company ZecOps Inc. that software flaws may have allowed hackers to infiltrate iPhones and other iOS devices for more than a year. Apple launched an investigation and said in a statement the mail issues were insufficient by themselves to allow cyber-attackers to bypass built-in security, adding it will issue a fix soon.

“We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users,” the Cupertino, California company said. “The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.”

Bloomberg link:
https://www.bloomberg.com/news/articles/2020-04-24/apple-finds-no-evidence-hackers-exploited-iphone-ipad-mail-flaw