Critical Security issue in iOS Apple mail app -- all versions affected!
Daniel Nashed – 24 April 2020 11:07:37
German BSI announced that there is a very critical security issue in the mail app shipped with iOS. Also the current iOS 13.4.1 is affected!
The exploit can be used to control the mail app and depending and in combination with other not described edge conditions they could be even in control of the whole device. There is no fix yet.
Here is the original post with all the technical details -> https://blog.zecops.com/vulnerabilities/unassisted-ios-attacks-via-mobilemail-maild-in-the-wild/
Now with those details it's not 100% clear to me if the issue will also impact Traveler. We have to see how Traveler transfers the over Active Sync.
Domino stores attachments in an object and if the sizes don't match it could be that we are running into an error already when Traveler reads the attachments.
That's something only the Traveler team could tell us. For now we have assume we are also affected.
See details in those German links.
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2020/Warnung_iOS-Mail_230420.html
https://www.heise.de/mac-and-i/meldung/Mail-Bugs-BSI-warnt-vor-iOS-4708945.html
I got the first question from a customer how to disable Traveler sync for the native Apple iOS app.
There are settings which define the user agents for each of the device types.
And there is a setting along with it to allow or to deny a device type. Let me dump some of you as an example.
So if you set the following notes.ini setting and restart your Traveler servertask, those devices could not sync any more.
set config NTS_USER_AGENT_ALLOWED_APPLE=false
Update 24.04.2020 15:50: I got the feedback from HCL that those type of variables are checked once per minute and we haven't been patient in testing. I can confirm on my server that it works after 1 minute. So no restart is needed for this change!
-- Daniel
NTS_DEVICE_TYPE_USER_AGENT_ANDROID_PROTOCOL = "^(?=.*Android)(?!.*(BlackBerry (Windows Phone))).*"
NTS_DEVICE_TYPE_USER_AGENT_ANDROID_SYNCML = "^Lotus Traveler Android"
NTS_DEVICE_TYPE_USER_AGENT_APPLE = "(^Apple-(iPhone iPod iPad Touchdown)) (^Mozilla.*(iPhone iPod iPad))"
NTS_DEVICE_TYPE_USER_AGENT_APPLE_COMPANION = "^TravelerCompanion.*CFNetwork.*Darwin"
NTS_DEVICE_TYPE_USER_AGENT_APPLE_TO_DO = "^TravelerToDo"
NTS_DEVICE_TYPE_USER_AGENT_BB_10 = "(BB10) (Toggle) (OP/) ((RIM BlackBerry PlayBook).*/10\.) (WorkConnect)"
NTS_DEVICE_TYPE_USER_AGENT_BB_2 = "(RIM Tablet) ((RIM BlackBerry PlayBook).*/2\.)"
NTS_DEVICE_TYPE_USER_AGENT_BB_GENERIC = "RIM BlackBerry PlayBook BB10"
NTS_DEVICE_TYPE_USER_AGENT_IBM_APPLE = "^Traveler-iOS-"
NTS_DEVICE_TYPE_USER_AGENT_SECUREPIM_GENERIC = "^SecurePIM"
NTS_DEVICE_TYPE_USER_AGENT_WINPHONE_10 = "(WinPhone/10) (Windows Phone 10.) (Windows Phone OS 10.) (MSFT-WIN-4/)"
NTS_DEVICE_TYPE_USER_AGENT_WM_GENERIC = "(^IBM SyncML Client$) (^Lotus Traveler WM)"
NTS_USER_AGENT_ALLOWED_ANDROID = true
NTS_USER_AGENT_ALLOWED_APPLE = true
NTS_USER_AGENT_ALLOWED_BB = true
NTS_USER_AGENT_ALLOWED_IBM_APPLE = true
NTS_USER_AGENT_ALLOWED_OTHER = true
NTS_USER_AGENT_ALLOWED_OUTLOOK = true
NTS_USER_AGENT_ALLOWED_OUTLOOKEAS = true
NTS_USER_AGENT_ALLOWED_REGEX = ".*"
NTS_USER_AGENT_ALLOWED_SECUREPIM = true
NTS_USER_AGENT_ALLOWED_WINPHONE_10 = true
- Comments [2]
1Detlev Pöttgen 24.04.2020 11:35:50 Critical Security issue in iOS Apple mail app -- all versions affected!
Yes, after changing this settings, you need a restart of the Traveler server.
Apple responded regarding the issue:
Apple has acknowledged the three issues discovered by security group ZecOps, and has patched these in the iOS 13.4.5 beta which should be released to the public soon.
https://9to5mac.com/2020/04/24/iphone-mail-vulnerabilities/
2Uwe Brahm 24.04.2020 12:20:01 Critical Security issue in iOS Apple mail app -- all versions affected!
Don't panic:
https://www.nytimes.com/reuters/2020/04/24/technology/24reuters-apple-cyber.html