Site icon Check Point Blog

Newest iOS Vulnerabilities and How Check Point Customers Remain Protected

By Yael Macias, Product Marketing Manager, Endpoint & Mobile Security

And Danielle Guetta, Product Marketing Specialist, Email Security

Last week, cyber security firm ZecOps announced that it had discovered two serious vulnerabilities in the iOS Mail app which allow an attacker to remotely infect an iPhone or iPad and gain full control over their inbox. The security flaws affect iOS 6 through iOS 13, and according to the firm, attacks that exploit these vulnerabilities have been taking place for about two years. The first in-the-wild sample was seen in January 2018.

One of the vulnerabilities has the capability to enable an attacker to remotely infect an iOS device by sending emails that consume a large amount of memory. The vulnerability is triggered without any user interaction – zero-click – in iOS 13, and with one needed click to open the email in iOS 12. Another vulnerability has remote code execution capabilities. Successful exploitation of the vulnerabilities could potentially allow an attacker to leak, modify, or delete a user’s emails.

While it still remains to be seen whether these vulnerabilities actually succeed in compromising iOS users, it proves yet again that iOS is not that secure. While Apple keeps stricter policies when it comes to uploading applications to their official App Store, their devices can still be penetrated in other ways: phishing campaigns, malicious certificates, Man-in-the-Middle attacks, or remote code execution that is embedded in malicious campaigns delivered via email, such as this one. These news serve as a reminder that, while users should put their trust on their operating system providers, they should also be wary of the growing number of threats to mobile devices and take security measures of their own, even on iOS.

Until a security patch is released we recommend disabling the native email app and working with other email clients.

Check Point Customers Remain Protected

With CloudGuard SaaS

CloudGuard SaaS provides email security to ensure accounts and devices don’t get compromised:

Try CloudGuard SaaS today.

With On-prem MTA

Customers using Check Point’s security gateways with the MTA enabled can also stay protected from this attack. We recommend contacting Check Point support for instructions on how to enable it.

With SandBlast Mobile

SandBlast Mobile provides unique Mobile Threat Defense capabilities to protect against sophisticated mobile exploits like these.

Try SandBlast Mobile today.


Sources:

Exit mobile version