23 April 2020

Apple is secure? Think again: Apple Mail on iOS has two severe "zero-click" flaws


The Mail app on Apple’s flagship iOS operating system has been afflicted with two serious vulnerabilities that can allow a hacker to attack a device by sending emails that consume significant levels of memory.

Hackers have triggered two vulnerabilities in the Mail app, which have existed since iOS 6 was released in 2012, giving them the power to leak, modify or delete emails, according to findings by ZecOps. In addition, the flaws have been exploited in combination with another as-of-yet unidentified bug to gain full device access.

To initiate the attack, one would send an email message designed to cause a buffer overflow in the Mail app, which means the hacker can fill a block of memory beyond its capacity. These content of these emails, once sent, can then be deleted.


No comments:

Post a Comment