Apple finally admitted that the iOS Mail app security concern applies to all iPhone users. The warning goes out to iPhone holders since 2010.
A recent update on the iOS Mail app vulnerability confirmed the issue affects every iPhone user across the globe. Apple now issued the warning to all device holders, old and new.
Previous reports revealed that an iOS Mail app is currently attacking iPhone devices through the default email app. The said report stated that only iOS 12 and iOS 13 running devices are affected.
The list of affected iPhone versions was gathered from what the tech giant admitted. Now an update to the report confirmed that every iPhone launched over the past eight years are susceptible to the vulnerability.
A security specialist claimed that the change of information was due to the tech giant’s move of playing down the severity of the attack. However, their discovery proved that the attack affected all existing iPhones for almost a decade now.
The security issue is what Apple called the longest-running vulnerability on iOS history. Researchers point it back to October 22, 2010, when the 2G iOS 3.1.3 iPhone was released.
The team of security specialist that discovered the vulnerability released an infographic on the threat. The info showed an exploitable vulnerability covering iOS mail apps from iOS 3.1.3 up to iOS 13.4.1.
The infographic also showed that no patch is currently available for the GA version. However, it revealed that Apple patched the exploit in iOS 13.4.5 beta version.
How the longest-running iOS vulnerability works
Apple’s warning for all iPhone holders is about the serious Apple iOS mail app vulnerability. It launches an attack through the iPhone’s default Mail app.
It operates by remotely infecting an iPhone and manipulating its inbox. It launches the attack through a malware-infected email.
The said email launches attacks in two ways. It can infect an iPhone as soon as the user opens the email or, in some cases, automatically launch as soon as the mail opens on the background.
What must iPhone users do while waiting for the patch
Apple assured its customers that it would release a patch on its iOS 13.5 release to correct the issue. However, experts are still wondering how the Cupertino tech giant plans to address the issue for older iPhone holders.
For now, security specialists suggested the Apple customers to avoid using the iPhone’s default email app at least until the security patch is released.
As per the test conducted, third-party email app such as Gmail and Outlook are not vulnerable to the exploit. Both email apps are available for iPhones via the App Store.
Image courtesy of Aaron Yoo/Flickr