June 18, 2020
Summary
The Information Security Office is aware of published reports that there are flaws in the built-in Mail app on iPhones. These flaws reportedly allow attackers to get remote access in the context of the Mail app without any interaction on the users part. [1]
Impact
Remote access in the context of the Mail app
Vulnerable
iOS 6 till the latest released version
Recommendations
- Update to the latest iOS version (13.5.1)
- If, for some reason, you can't update to 13.5.1, set the built-in Mail app to not check mail on iPhones and iPads and use either the Google Gmail or another mail client like Outlook. (To disable the Mail program, toggle the “Mail” setting for any mail accounts in “Passwords & Accounts” in Settings)