- Tram Ho
In its statement about two newly discovered security holes in the Mail app on iOS, Apple said it found no evidence that the vulnerabilities had been exploited and attacked by victims.
" We found no evidence that they were used against our customers ." The company said. Moreover, they suspect the possibility of vulnerabilities in this Mail application – whether the company acknowledges their appearance – is sufficient to bypass the security layers of iPhone and iPad.
Earlier, ZecOps's report on the two security holes said it found evidence that the vulnerabilities were exploited by hackers to attack at least six high-level targets. These vulnerabilities allow hackers to view and edit email on the device just by sending the victim a special email. At the time of the report, ZecOps said it was confident that these vulnerabilities were actually exploited by "advanced attack organizations."
Apple, meanwhile, believes that these vulnerabilities pose no immediate risk to its users and will address them in a future software update. When announcing these vulnerabilities, ZecOps also said that Apple has addressed the issue in the beta version of the Apple Mail app.
Not only Apple, a few experts in the security community – including a researcher at Google's Project Zero – also doubt ZecOps's claim that this vulnerability has been exploited in practice. ZecOps said one of the goals was a director at the telecom network operator in Japan and many individuals from Fortune 500 companies in North America.
Refer to The Verge
Source : Genk