24.04.2020 IMPORTANT: New iOS Mail app attack could compromise your iOS device without action from you

by Field Effect

Here’s how to protect your iOS devices today

If you depend on your iPhone or iPad Mail app for receiving and sending email, beware. A new iOS Mail attack, made public yesterday, requires your fast attention — your iOS device could be compromised.

Here’s what we know:

  • The iOS Mail attack only impacts the iOS Mail application, not its desktop counterpart.
  • According to security researchers, it affects iOS versions as early as iOS 6 and has been observed in use against iOS 12 and 13 — this means even recent versions are at risk.
  • This attack includes two different vulnerabilities, and plays out differently depending on which version of iOS you are running.
  • The bottom line remains the same: an attacker can send you a specially-crafted email and compromise your device — often without you opening the email.
  • In one successful attack, the attacker has been able to leak their victim’s email, delete, and even modify messages.
  • At this point, the pattern of known victims suggests this attack has been used by an advanced threat actor, perhaps state-sponsored. However, others may soon follow their lead and begin exploiting the same vulnerabilities more broadly.

How can you protect your iOS devices today?

It’s important to understand and manage the risks associated with an attack like this.

First, Apple has issued a beta patch which addresses the issue. However, not all users may have access and will be able to take advantage of the patch. You can check if you have access in your Software Updates.  If you have access to the patch, download it today.

Next, hopefully Apple will release a full patch for all iOS iPhone and iPad users soon. In the meantime, our team at Field Effect recommends avoiding the use of the Mail application on your iOS devices. To ensure you remain secure, use an alternative email client, your web browser, or rely on your desktop app for email.  You should also disable your Mail app entirely until Apple releases its full patch.  

And finally, know your network and your threats. Protecting your corporate and personal email is important and requires more than just phishing awareness training and cloud monitoring. Understanding what devices are in your environment and their potential vulnerabilities are critical to managing your threat surface. Our Covalence threat detection and monitoring platform helps you see the devices and activity across your network, providing understandable and actionable alerts when vulnerabilities are present.

As always, please check in with our team for questions or support at [email protected].  You can read more about this exploit here.

Please stay safe and secure.


Request Demo

Fill out the form and we will send you details about our demo.