Zero-Day in Apple mail on iOS User

Print Friendly, PDF & Email

The BtCIRT would like to inform the general public about the  default Mail App  in iPhones and iPads vulnerable to two critical flaws that attackers are exploiting.The vulnerabilities of the mail application allow attackers to take complete control over Apple devices remotely by simply sending an email to any targeted individual. These flaws which resides in the MIME library of the Apple mailing application are triggered while processing the contents of an email and they are critical hence it can be exploited with ‘zero-click,’ which means that no action is required from the targeted user.

Therefore, Bhutan Computer Incident Response Team recommends users  Do not to use Apple built-in mail application until a patch is available and apply the necessary updates.