Apple denies hackers exploited critical iPhone vulnerabilities

(Image credit: Apple)
Audio player loading…

Apple has denied claims that zero-day vulnerabilities in its Mail application (opens in new tab) for iOS have been actively used to target iPhone (opens in new tab) and iPad (opens in new tab) users.

This followed a report that outlined two critical flaws in the software suite's mail client, which could have allowed hackers to scrape information from the target device.

The report from security firm ZecOps stated, “with high confidence”, that the newly discovered flaws have been widely exploited in the wild. However, while Apple has acknowledged the existence of the bugs, it says it has found “no evidence they were used against customers.”

Apple security flaws

Apple is widely praised for its excellent digital security standards and watertight code, and is understandably eager to preserve its reputation.

The company disputes ZecOps’ assertion that the flaws have been used to attack multiple high-profile targets, including employees of a Fortune 500 company and an executive at a Japanese telecoms firm.

In its written riposte, Apple claims to have conducted a full enquiry, which unearthed no evidence to suggest the vulnerabilities have been exploited in the wild.

“We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users,” said Apple.

“The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.”

ZecOps, meanwhile, is sticking firmly to its resolve. The company says it has access to evidence the bugs were used to assault “a few organizations” and has promised to share intelligence with Apple once a full software update has been made publicly available.

Via Reuters (opens in new tab)

Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.