Skip to main content

Security flaw found in iPhone and ipad that could infect your device even if you didn't click a thing

Security flaw found in iPhone and ipad that could infect your device even if you didn't click a thing
(Image credit: Getty)

It seems like we’re always reporting on security leaks and flaws these days and we hate to become predictable, but it seems that another major online security flaw has been exposed, this time in Apple’s native email app for iPhone and iPad devices. The flaw was found by ZecOps, a cybersecurity company which researches attacks so it can learn how to defend against them.

In essence, the flaw allows hackers to overwhelm the email app by sending large emails which use up enormous amounts of RAM capacity, which in turn lets them run what are called 'remote zero-click' attacks, which are virus infections that occur without the victim ever clicking on anything. So, in this case, simply having your email app running in the background would be enough for the attack to take place. You wouldn’t even need to open the offending email to be infected.

It’s a lot more complicated than that and I turned into Russell Crowe in A Beautiful Mind trying to make sense of it all, but the gist of it is that your iPhone could be infected with a virus even if you didn’t click a single thing, which is terrifying. If you’d like to get into the nitty gritty of the vulnerability, you can read the full ZecOps report.

Bad timing for Apple

ZecOps alerted Apple to the vulnerability once it had finished its investigation and the Apple product security team has since delivered a beta patch which blocks to issue going forwards. With the recent launch of the new iPad Pro and the second-generation iPhone SE, Apple will be looking to avoid any controversies that would damage its products reputation with customers, so it’s good to see that this issue has been swiftly resolved, but it serves as a stark warning that we must be constantly vigilant for new threats online.

If you’re looking to keep your devices safe from malicious software, you should consider getting one of the best antivirus or best internet security software, both of which can now be installed on smartphones and tablets, as well as traditional laptops and home computers.

Ian Stokes is the Tech Editor here at Top Ten Reviews. He has extensive experience in tech and games journalism, with work published on IGN, Kotaku UK, Waypoint, GamesRadar, Trusted Reviews, and many more. You'll find him covering everything from smartphones and home computers to 3D printers and headphones. He's also our resident cocktail expert.