author: Mateusz Popielak
Major Security Gap Detected in iOS
One of Apple's system apps enables third party to attack a selected device, virtually without user intervention. The company announced work on a patch.
- The problem concerns devices with iOS version 6 and above;
- The compromised application is Apple Mail;
- Our data is vulnerable to attack, even if the application is running in the background;
- The gap may also be present on iPads;
- MacOS is not susceptible to the bug;
- Apple has announced work on a patch.
The days when iOS was considered uncrackable are long gone. Every now and then, Apple has a security problem, the latest surfacing quite recently. Except that this vulnerability hasn't been detected early enough. It is possible that the error allowed for regular data theft over the last few years.
The whole case has been brought to light by ZecOps, a team that deals with cyber security. The presence of the vulnerability has already been confirmed in iOS 11.2.2. The bug may be present on devices running on iOS 6 and newer (iPhone 5 and subsequent models).
How is the attack performed?
The bug uses the Mail application. It's a stock app - it's been pre-installed on every device from the very beginning. If we use it, we are vulnerable to attack.
We get a blank e-mail. As soon as we receive it, the device resets. At this point the system is infected and the person responsible for the attack has access to our data. What the Email application has access to is no longer private.
The attack is problematic because it does not require much user intervention. We don't have to click on any link, the application can run in the background. You won't even notice that you are a victim of a cyber crime.
What can I do?
The Mail is the only application that has such a gap. Outlook or Gmail are safe, so we should change the email program as soon as possible. We should turn off the Apple app completely and wait for the fixes that were already announced by the company.
Interestingly, there are speculations that the bug existed back in 2012 and appeared with the debut of iPhone 5. The first time it was used was probably in January 2018. In addition, Apple reported that the security patch is already in beta, which would indicate that the problem has been addressed earlier. However, this is just a guess. It is possible that ZecOps will investigate the matter further and come across some new information. All we can do is wait for the developments to happen, and if we use Apple devices, change the mail client.