Cyber security news for all

More

    iOS 13.5 and 12.4.7 fixed vulnerabilities that could manipulate the email inbox

    Apple has apparently secured its email client preinstalled on iPhones and iPads. The vulnerabilities in older versions are closed after installing iOS 13.5 or 12.4. There were several targeted attacks on companies and individuals, the company said at the end of April and had therefore decided to issue a public warning before the general release of the Apple patch.

    Complete Patch Only Through 13.5

    Apple’s first patch for the heap overflow vulnerability in the beta version of iOS version 13.4.5 was still incomplete. The iOS version 13.5, which has now been released to general public, completely eliminates the problem. According to the security company in iOS 13, the bugs are particularly problematic because they allow manipulation of emails even without user interaction. If additional weaknesses at the kernel level are known, devices could also be taken over completely. The Federal Office for Information Security also subsequently warned against further use of the preinstalled email client.

    In contrast, Apple did not classify the vulnerabilities as an immediate risk to users. The bugs in mail would not be enough to bypass the security features of iPhones and iPads. The company also found no evidence of active exploitation of the gaps.

    The discovered security vulnerability under iOS allows access to emails as well as the rest of iOS without the user noticing. This gap has been in the system since iOS 6 and the vulnerability has been there for at least three years.

    Only in the upcoming update to iOS 13.5 will both bugs be fixed, the new version is already available as a public beta. Apple took so much time to fix two potentially critical problems, especially since Apple’s communication in the mail affair is at least unfortunate. Security researchers also disagreed with this representation of the company and pointed out that the vulnerability was already being exploited by attackers.

    Recent Articles

    Personnel were asked to removed 89 apps which includes Instagram, Facebook, and others by the Indian Army

    Personnel are told by the Indian Army to delete 89 apps from their phones from July 15. This is in a bid to avoid...

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox