• A cybersecurity company found a vulnerability in the iOS Mail app
  • The vulnerability allows hackers to gain access to users' emails
  • There's a way to protect one's self from such attacks

San Francisco-based cybersecurity automation company ZecOps recently reported about the vulnerability that it found within the Mail app on iPhones ranging from the iPhone 6 down to the latest models.

ZecOps said the vulnerability will allow hackers to run remote code in the Mail app on both iOS 12 and iOS 13, although the risk of getting affected by the attack on the latter is higher. This vulnerability, if exploited, will grant hackers access into the user's emails, allowing them to leak, modify or delete emails as they please.

The problem with the newly-discovered vulnerability is that unlike other types of malware used to attack phones, it does not require users to open an email and click on a link or to open a website. It does require iOS 12 users to at least click on an email, but it doesn't require iOS 13 users to do anything – even to launch the Mail app.

Apple has released fixes so that users can stay protected from the attack, but the fixes are still in the iOS 13.4.5 beta. Those who use an older iPhone running on iOS 12 can't get that protection. Those who do not run iOS betas on their devices won't get it as well, until the development is complete.

Thankfully, there's a way to keep one's self protected from the attack, Cult of Mac reported. It's as simple as disconnecting the iPhone from the email account. Here's how to do it:

  • First, iPhone users should launch the Settings app and go to Passwords & Accounts.
  • Second, from there, users will be shown a list of their internet accounts, including mail, calendars, notes and whatever is connected. Users should tap on anything that has “mail” in it.
  • Third, users must toggle the switch next to Mail so that it is turned off. Users should also disable their iCloud Mail accounts.

Doing this process disconnects the iPhone from the email account, and protects the user from any attack associated with ZecOps' discovery. Users should wait for Apple to release iOS fixes before enabling email accounts again. As a word of caution, those who need to check for emails should do so using a Mac as it is not affected. Gmail will also be a safe alternative.

iPhone 11 Pro Unboxing
iPhone 11 Pro. Aaron Yoo(CC BY-ND 2.0)