Recently, Apple reported one of the longest operating bugs in iOS history, impacting millions of iPhone users
Although recent research shows that this kind of attack is starting to get bigger, Apple admitted back in April that any iPhone launched in the last eight years is susceptible to remote attacks through the iOS Mail software.
At the time, the company played down the seriousness of this claiming that it had found ‘no signs’ of vulnerabilities, but now ZecOps, the technology expert who identified the bug, approached me with fresh knowledge that it was not only activated in the wild but that the first possible triggers occurred ten years earlier and that any iPhone ever created is susceptible (Apple verified that 900 M is active).
Apple addressed me saying it would hold to its original comment about this flaw (found here) and thank ZecOps for its discovery. As it is, Apple is not reporting on new bug reports and real-world causes from ZecOps that date back to 2010.
Apple will offer an update to iOS 13.5, but no effort is currently made to upgrade prior versions of iOS to support older iPhones. Needless to add, with more changes from all hands, I would keep the article informed. Further changes appear unavoidable, as they stand.
Although Apple appears to talk down this weakness, it is taking drastic action elsewhere. For instance, the Federal Office for Information Protection (BSI) in Germany has released a statement urging the elimination of the iOS Mail program. BSI President Arne Schönbohm states: “The BSI is highly critical of these weaknesses It enables the attackers to manipulate large parts of the mail communication on the affected devices.
“Furthermore, there is currently no patch available. This means that thousands of iPhones and iPads are at acute risk from private individuals, companies, and government agencies. We are in contact with Apple and have asked the company to find a solution for the security of their products as soon as possible” the statement read further. The iOS 13.5 can’t come soon enough.