Two days ago we reported on vulnerabilities that were discovered in the Mail app under iOS 13.4.1. Now Apple has commented on this.
Since the cyber security company ZecOps published the vulnerabilities, there has been discussion about whether the exploits actually pose an immediate threat to users of the Apple Mail application. While the Federal Office for Information Security has already issued a warning and asked users to temporarily delete the app, Apple has now also made a brief, reassuring statement. The statement was sent to various media outlets. It states:
Update will be released soon
Apple takes all reports of security threats seriously. We thoroughly investigated the researcher's report and, based on the information provided, concluded that these issues do not pose an immediate threat to our users. The researcher identified three issues in Mail, but they alone are not enough to bypass iPhone and iPad security protections and we have found no evidence that they have been used against customers. These potential issues will be addressed in a software update in the near future. We value our collaboration with security researchers to help keep our users safe and will credit the researcher for his assistance.
The vulnerabilities are said to affect all software versions between iOS 6 and iOS 13.4.1. ZecOps explained that Apple has fixed the vulnerabilities in the latest beta version of iOS 13.4.5, which is due to be released in the coming weeks. Until then, ZecOps recommends using a third-party email application. You can find more details about the vulnerabilities in our first article: iOS 13.4.5 fixes exploits in Mail app. (Photo by Alex_Ugalek / Bigstockphoto)
