All the news on the map
The device was found a vulnerability that affects the mail application of “Apple” gadget. In addition, for the successful completion of a hacker attack, the user does not even need to open your letter. What is the bug in iOS and how dangerous vulnerabilities found in the article “Газеты.Ru”.
In iOS was discovered a vulnerability that allows attackers to conduct hacker attacks on the iPhone using basic email applications, reports Mashable, citing a study by security company ZecOps. The peculiarity of this error in the OS code, it became possible attack vector Scam, in which the user does not even need to open the infected email hacking can occur without the knowledge of the device owner.
According ZecOps discovered vulnerability “is already widely exploited by criminals.”
It is reported that the bug is present in all iOS versions starting from sixth, but the users of smartphones with iOS 13 are considered especially vulnerable on these gadgets open letter is not a prerequisite for a successful attack.
In the Mail app in iOS has a bug that allows an attacker to run code on the device of the victim, if the user will receive a special email confirmed “Газете.Ru” senior engineer-programmer Avast Vojtech Barrels.
“Because of other security settings iOS code can only affect the app itself email, so you can read, delete and forward e-mails stored in the application. However, the attacker can use another vulnerability to gain control over the device, and researchers from ZecOps believe that there have been attempts to do just that. On iOS 13, if the attacker did everything right, the user will not even notice this attack — it can only be noted that the application works a bit slower than usual,” — said the expert.
According to Bocca, it is unlikely that this attack can be automatically deployed to a large number of devices. But it can be made targeted attacks aimed at famous people.
“It is unlikely that this vulnerability will affect the average iOS user, but concerned users can use a different mail app, until the desired patch,” said Barrels.
Dmitry Petunin, it Director of company Oberon, is more pessimistic in his words, disclosure can pose a serious risk due to the large number of users with smartphones based on iOS.
“The gadgets based on iOS are among the most popular. According to statistics, the number of iPhone in the world is over 1.5 billion, more than 75% of them work in the version of the operating system iOS 13. The attack on the device is fairly simple: the attacker sends e-mail the victim a message with a large attachment, which contains malicious executable code. The letter should occupy a significant amount of memory iPhone. Because of the iOS features 13, where emails and attachments in embedded e-mail client downloaded to the device automatically (to open the message manually, unlike iOS 12), the receipt of such messages potentially threatens the interception control device by an attacker.
And actually becoming vulnerable iPhone using iOS 13, hundreds of millions of mobile devices,” warned the source “Газеты.Ru”.
Apple confirmed to Mashable that the vulnerability in question was fixed in the beta version of iOS 13.4.5. Soon the patch will be available to all iPhone users.
Video of the day. “You’re drunk!”: Basharov uploaded the footage of the scandal with ex-wife