publishing date icon
May 11, 2020
read time icon
5 min. read

Update regarding the Apple iOS Mail App Vulnerability

Post hero image

Table of contents

share this post

Apple just recently confirmed the most significant vulnerability in iOS history after ZecOps made a public announcement about their discovery of a security flaw. We reported about the issue recently. It was speculated that the problem was affecting millions of iPhone users, but after Apple’s announcement, it seems like the issue is more significant than one could imagine.

Since 2010, every iPhone has been affected

Ever since iOS 3.1.3 released in 2010, every iPhone has been vulnerable to a possible remote attack of the iOS mail app. If you own an iPhone, iPad, or an Apple Watch, keep reading.

No patch for the ‘MailDemon’ vulnerability

This vulnerability, publicly also referred to as ‘MailDemon’, can be used for Remote Code Execution for a ‘zero-click exploit’. This means that users can get in trouble even without interacting with the email they receive through their iOS Mail app.According to ZecOps, Apple hasn’t yet released a patch.

Apple to fix this vulnerability

According to some news, Apple has promised to fix the vulnerability with the release of iOS 13.5. This is great news for owners of the iPhone 6S and newer. It’s yet to be seen whether Apple will release a patch for older devices that do not support the new iOS update.

When can we expect the next update?

Apple initially released the iOS 13.4 version on the second-generation iPhone SE on March 24, 2020. On May 2nd, 2020, Apple released the iOS 13.5 beta to developers and public beta users, and the update will include major changes – nevertheless, the update regarding the upcoming changes does not include the fix for the mail vulnerability, instead, it focuses on updates regarding the COVID-19 situation.

What can you do as an iPhone user?

Disable or delete the iOS Mail app on your phone.

delete ios mail app

You can find instructions on how to delete built-in Apple apps from your iOS12, iOS13, iPadOS, or Apple Watch devices from Apple's website. Start using an alternative, such as Outlook or Gmail apps. Both of these are secure to use.

Do you want to see how ‘MailDemon’ works in more detail?    

ZecOps released an excellent article on the technique and triggers, and they call people for a bounty in case they experienced the symptoms. They explain the rules of the bounty in more detail at the end of the post.

And finally, remember to practice safe email habits!

Subscribe to Threat Feed

Subscribe to Hoxhunt's Threat Feed to get the latest phishing threats delivered to your inbox, every Friday.

Form CTA

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.