
Recent releases of Apple’s iOS platform including the latest iOS 7.1.1 update include a bug that prevents email attachments saved on the device from being protected with encryption, with a fix presumably on the way. Security researcher Andreas Kurtz previously revealed that he has reported the flaw to Apple and the company claimed they were aware of the issue. To date, the problem hasn’t been fixed and Apple hasn’t offered a timetable for when it might be addressed.
The Cupertino California company’s statement on the issue simply mentioned the following:
We're aware of the issue and are working on a fix which we will deliver in a future software update.
One thing to note is that the security flaw requires that a malicious hacker have physical access to the iPhone in order to read the root file system. Attaching the unencrypted attachments requires the device to be placed in “DFU” mode and accessed via SSH. This step requires that a malicious user would either need the device passcode or perform a hardware jailbreak of the device to exploit the bug.
Apple’s iOS 7.1.1 is currently only available for jailbreak on the iPhone 4. According to the International Business Times:
…owners of newer iOS devices running iOS 7.1 and above continue to be without luck as no jailbreak has been developed for the latest version of iOS on devices such as the iPhone 5S and iPad Air.
Source: Andreas Kurtz (blog), International Business Times, ZDNet
Message