Zero-Day Warning for iOS Users

The default Mail App found in iPhones and iPads has been found vulnerable to two critical flaws that attackers are exploiting.

Threat Level

The vulnerabilities of the mail application allow attackers to take complete control over Apple devices remotely by simply sending an email to any targeted individual. These flaws which resides in the MIME library of the Apple mailing application are triggered while processing the contents of an email and they are critical hence it can be exploited with 'zero-click,' which means that no action is required from the targeted user.

According to the researchers at ZecOps, when these flaws are exploited most iOS users are unlikely to notice. Major flaws that have been identified are remote code execution and the heap overflow issue. These issues are identified in the current iOS 13.4.1 version and there is no security patch available at present, although Apple has patched both vulnerabilities in iOS 13.4.5 beta version, which is to be released soon.


  • Leakage of personal information such as usernames and passwords.
  • Slowdown of mobile mail application.
  • Disclosure, modification and deletion of emails.

Solution/ Workarounds 

    • Do not to use Apple built-in mail application until a patch is available (iOS version 13.4.5 is released).
  • Use an alternative mail application



The information provided herein is on "as is" basis, without warranty of any kind.

Source: Sri Lanka CERT|CC

Rate this item
(0 votes)

Leave a comment

Please do not enter any marketing or illegal statements | කරුණාකර අලෙවිකරණ හෝ නීති විරෝධී ප්‍රකාශන ඇතුළත් නොකරන්න.


Video Of The Day | දවසේ වීඩියෝව

Subscribe to Weekly Email Newsletter

Joomla Extensions powered by Joobi

Articles Archive

Articles Calendar

« December 2021 »
Mon Tue Wed Thu Fri Sat Sun
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    
This Week
Last Week
This Month
Last Month
All days
Your IP:
2021-12-07 04:33
Go to top