⤠Security researchers agree iPhone Mail vulnerabilities may have been exploited
Last week saw contradictory claims aboutĀ iPhone Mail vulnerabilities, with a security company claiming that they had been exploited in real-world attacks, and Apple stating that itĀ can find no evidenceĀ of this.
Two leadingĀ securityĀ researchers have now weighed in on this, agreeing with Apple on one point, while stating it remains possible that the bugs have been exploited ā¦
Everyone now appears to agree with one of Appleās statements: that the iOSĀ MailĀ app vulnerabilities discovered by ZecOps cannot be exploited on their own. Apple said:
The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections.
ZecOps accepts this, and it has been backed by other security researchers. However,Ā as we notedĀ last week, that doesnāt mean that they couldnāt have been exploited alongside other vulnerabilities in order to carry out a successful attack.
The denial is not a complete refutation of the claim. It may be the case that the specific vulnerabilities alone cannot bypass security safeguards, but that they can be combined with existing exploits in order to do so.
WiredĀ reports that our takeĀ has now been echoed by two high-profile security researchers.
iOS security researcher and Guardian Firewall creator Will Strafach points out that while Apple and ZecOps are correct about the limited utility of the Mail bugs alone, itās still important to take these types of bugs seriously.
āA zero-click like this is especially interesting because it is not a full exploit chain, yet due to the nature of how it works, it could enable something like a smash-and-grab for mailbox data. Even the prospect of copying emails then self-deleting the crafted āattack emailā is quite scary.ā
Former NSA hacker Patrick Wardle agrees, making the point that absence of evidence is not evidence of absence, and saying it wouldnāt be surprising that Apple would be unable to detect these attacks even if they have taken place.
āIt is unlikely that if this vulnerability was used in highly targeted attacks that Apple would find evidence of such attack,ā Wardle says. āEither way, it would be helpful for Apple to articulate how they came to this conclusion.ā
Even the crudest zero-click attacks leave little trace, which makes tracking them an issue. Security analysts say that in many cases, the very features that make software more secure often make zero-click attacks harder to detect [ā¦]
āWe donāt see a lot of these zero click vulnerabilities exploited in the wild and that is because theyāre so difficult to detectāitās not because theyāre not out there.ā
If the iPhone Mail vulnerabilities have been exploited, however, this is mostly likely against specific, high-profile targets.