Why do all celebrities use iPhones

Attacks on journalists and celebrities: Serious vulnerability discovered on iPhones and iPads

A vulnerability in Apple Mail currently endangers the security of users of Apple's mobile devices. As the security company Zecops reports, it is possible for attackers to use the leak to execute malicious code on iPhones and iPads.

The current version of iOS (13.4.1) is also affected. In addition, attacks on well-known personalities, journalists and business representatives have already been registered, which the researchers assign to the exploitation of the vulnerability with a very high degree of probability.

Hardly noticeable attack

The problem is even more severe with iOS 13 than in the previous edition. Because here the attacker does not even have to control the mail server, which is a prerequisite for an attack on iOS 12. It is enough if Apple Mail just runs in the background. In the previous edition, the attack only succeeded if a user opened a manipulated email beforehand. All issues of the system from iOS 6 are affected.

An ongoing attack is hardly noticeable. If an attack goes wrong via this "zero day gap" (description of a leak that has not yet been fixed and is already actively exploited), empty emails may appear which, according to Apple Mail, cannot be displayed. In addition, it can happen that the program reacts a little sluggishly.

Correction will follow with the next iOS patch

Apple is already working on a fix for the bug, which has already been done in the beta version of iOS 13.4.5. The final version of the update for all users is not yet available. However, due to the severity of the problem, Zecops decided to go public with it now. Until the general release of the next iOS update, we recommend using an alternative mail client instead of Apple Mail. (gpi, April 23, 2020)