Researchers have discovered a pair of security vulnerabilities related to the stock Mail app on iOS devices, but it appears there’s no reason to panic just yet.
The discovery was made by researchers at the cybersecurity company ZecOps. Both Motherboard and The Wall Street Journal have reports on the security vulnerabilities, both of which are tied directly to the stock Mail app for iOS devices. The good news here is Apple already has a fix, technically, even if it’s not quite ready for the public.
One of the vulnerabilities allows a potential attacker to weaken an iOS device by sending emails that consume a vast majority of the device’s available memory. The second vulnerability may allow for remote code execution. If an attacker is able to implement either one of the vulnerabilities, it’s believed that they would be able to not only access emails, but also modify them, leak, and delete the user’s emails.
Right now it appears that the general public is not really at risk here. However, business executives and government officials have been preyed upon with the security vulnerabilities.
Now, the aforementioned good news. Apple has already patched the vulnerabilities according to the individual follow-up reports, and the patched software is present in iOS 13.4.5. Apple is currently beta testing that software and it’s expected to launch to the public in the near future.
So the fix is on the way, and the general public is apparently not at imminent risk. Still, it’s good to be aware of these types of vulnerabilities.