Categories
Latest News

Apple Says Zero-Click iPhone Attack Poses No Risk to Users

Advertisement

Apple Says Zero-Click iPhone Attack Poses No Risk to Users

The vulnerabilities were discovered in the Mail app for iOS, but Apple’s investigation concluded there’s no immediate risk to users and a fix will be rolled out as part of a future iOS version release.

Earlier this week, cybersecurity company ZecOps reported it had discovered zero-day exploits for iOS and iPadOS, with the vulnerabilities apparently being introduced as far back as iOS 11.2.2. However, Apple has now concluded there's no immediate risk to users.

As Reuters reports, Apple acknowledged the vulnerability existed on Wednesday and carried out a review. The exploits exist in the Mail app for iOS and, according to ZecOps, allows a specially crafted email to be sent to trigger the vulnerability simply by consuming a lot of RAM. ZecOps believes this security hole has already been used to hack a number of targets, including a journalist, multiple executives, and individuals from a Fortune 500 organization.

Apple disputes the hacking occurred, but ZecOps has promised to share more details on that front as soon as Apple releases the update meant to fix the exploits (expected to be included with iOS 13.4.5). With regards to the threat posed by these vulnerabilities, Apple concludes there is none.

Advertisement

SEE ALSO: Google Rolls Out Android 'TalkBack' Braille Keyboard for Visually Impaired Users

Related

Responding to ZecOps' reports, Apple said, "We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users … The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers."

Advertisement

Further Reading

Original Article

Advertisement

Leave a Reply

Your email address will not be published.