• Link to Rss this site
  • Link to LinkedIn
  • Link to Youtube
  • Link to X
  • Link to Instagram
  • English English English en
  • Deutsch Deutsch German de
Sales: +49 5251 304-800 | Support: +49 5251 304-636
NoSpamProxy
  • PRODUCT
    • NoSpamProxy Cloud
    • NoSpamProxy Protection
    • NoSpamProxy Encryption
    • NoSpamProxy Large Files
    • NoSpamProxy Disclaimer
  • SOLUTIONS
    • M365 Mail Security
    • Managed Certificates
    • 32Guards
    • AS4
  • RESOURCES
    • Documentation
    • Forum
    • Webcast Training
    • Training Courses
    • Support
    • Software Download
  • PARTNERS
    • Finding Resellers
    • Becoming Reseller
    • Partner Portal
    • NFR Licenses
  • COMPANY
    • Contact
    • Testimonials
    • Team
    • Career
    • Events
    • Awards
  • PRICES
  • BLOG
    • Blog
    • Newsletter Subscription
  • FREE TRIAL VERSION
    • Price Request
    • Free Trial Version
  • English
    • Deutsch
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
  • Sicherheitslücke in iOS-App Mail: Was Sie jetzt tun sollten

Vulnerability in iOS App Mail: What you should do now

Currently, due to a security vulnerability, criminals are apparently able to smuggle malicious code into iPhones and iPads via emails. Affected are iOS devices on whichenen the software is installed in version 13.4.1 or a previous version up to version 6 . The Federal Office for Information Security (BSI) assesses the vulnerability as very critical and warns against using the iOS Mail app.

Nach aktuellem Wissensstand ist lediglich die Mail-App kompromittiert, nicht das komplette Gerät. Nichts desto trotz erlaubt es den Angreifern, E-Mails zu lesen, zu verändern und zu löschen. It is not yet known whether further dangers arise from an infection. However, the security company ZecOps points out that the vulnerability is already being actively exploited. A patch is not yet available.

Depending on the version, the attack vectors also differ: In iOS 12 downwards, the user must open the infected email to allow the malicious code to take effect; from version 13 onwards, it is even sufficient to receive the email. The infection is ultimately made possible by triggering a so-called heap overflow. This allows attackers to use malicious code to execute arbitrary commands in the respective process – in this case the mail app. Such a heap overflow can be achieved for example via specially prepared office files in RTF format or multipart Emails.

What we recommend

  • Delete the iOS App Mail or turn off synchronization
  • Use Microsoft Outlook as your email client
  • Apply the announced patch as soon as it is available.

Alternatively:

  • Sign up for the Apple Beta Software Program. In the iOS beta version 13.4.5 the patch is already integrated.

Ensure safety with Intunes

Microsoft Intune is part of the Enterprise Mobility + Security Suite and part of Microsoft 365. Via the central management for Windows, iOS, macOS and Android, device settings can be made, devices provisioned and profiles and software distributed to clients.

In this case, we recommend disabling access for all existing iOS devices via Exchange ActiveSync. You should also block new devices from the Exchange ActiveSync quarantine before they connect to the Exchange server.

Both is conveniently possible via Microsoft Intune. In addition, you can easily block iOS Mail to keep any malicious code from the devices.

Do you want to use Microsoft Intune to provide more security?

More information about Microsoft Intune

  • share 
  • share 
  • share 
  • email 

SEARCH

PRODUCT

  • All Topics
  • NoSpamProxy Cloud
  • NoSpamProxy Protection
  • NoSpamProxy Encryption
  • NospamProxy Large Files

You need support?

You can find more information about NoSpamProxy in our documentation and forum.

CATEGORY

  • All Topics
  • News
  • Product
  • Tech & Support
  • Events

NoSpamProxy Newsletter

Subscribe to Newsletter
RSS Feed Logo RSS Feed Logo Subscribeto RSS Feed

NoSpamProxy

  • NoSpamProxy Cloud
  • NoSpamProxy Encryption
  • NoSpamProxy Large Files
  • NoSpamProxy Disclaimer
  • Price request
  • Team
  • Career
  • General terms and conditions
  • Data Protection Information for Business Partners and Applicants
  • Cybersecurity (PSIRT)

Partners

  • Becoming a reseller
  • Partners
  • Order Certificates
  • Newsletter

Categories

  • All topics
  • News
  • Support
  • Updates
  • Order certificates

Latest News

  • Advanced Threat Protection ATP Preview
    Advanced Threat Protection: NoSpamProxy offers numerous ATP features at no extra charge13.06.2025 - 13:32
  • NoSpamProxy Update
    NoSpamProxy Server 15.5 now available03.06.2025 - 13:00
  • Customer Success Management Tim Kaleja Preview
    Interview: How NoSpamProxy ensures customer satisfaction with strong customer success management26.05.2025 - 10:00
IMPRINT • EULA • Privacy Policy • • © 2025 Net at Work GmbH
  • Link to Rss this site
  • Link to LinkedIn
  • Link to Youtube
  • Link to X
  • Link to Instagram
Link to: WWK user report in IT Finanzmagazin Link to: WWK user report in IT Finanzmagazin WWK user report in IT FinanzmagazinMetehan Manap WWK Link to: That is why public institutions are the main targets of cyber attacks Link to: That is why public institutions are the main targets of cyber attacks Berliner Kammergericht CyberangriffThat is why public institutions are the main targets of cyber attacks
Scroll to top Scroll to top Scroll to top