If you use Apple’s Mail app on your iPhone or iPad, it might be time to consider using another application to check your emails. This is because according to a report from security research firm ZecOps, a potential zero-day exploit has been discovered that could allow attackers to remotely run code on affected devices.
This vulnerability is said to be quite severe to the point where users won’t even need to open or interact with the email in order for it to work. All they need is to just receive the email and the exploit will then be triggered. To make things worse, it seems that this exploit has been around for years dating back to at least January 2018.
However, they also suspect that it could be even older than that as they managed to replicate the issue on devices running iOS 6, which was released back in 2012. That being said, there is some good news because after being contacted by the ZecOps team, they managed to work with Apple to fix the issue. Apple is expected to publish a patch that will close the exploit in an upcoming iOS update, which is currently in beta.
In the meantime, if you’re interested in learning more about the exploit you can head on over to ZecOps’ website. The team is also recommending that users, for the time-being and until the patch has been released, to disable the Apple Mail client and seek third-party alternatives.