AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.
According to VPN Tracker, this serious flaw affects any iOS 16 device. After multiple staff members at the company were seeing Mail crashing immediately on launch, its engineers discovered the flaw.
“It turns out the team had all received the same spam message,” reports the company in a blog posting. “Looking at the raw source of the message didn’t immediately reveal any red flags — it was a pretty basic HTML email.”
“However, a look at the mail headers showed that the spammers had done something unusual in the ‘from’ field,” it continues. Instead of a regular email address in the from field, the initial part of the address was replaced by two double quotes.
VPN Tracker notes that what it calls the #MailJack bug is still present in the beta releases of iOS 16.1, and also iPadOS 16.1 The company has filed a report with Apple and recommends that emails formatted like this should be blocked.
- Open Apple Mail on another device, or online via icloud.com
- Delete the spam email
This makes Mail write to its email database. As soon as it does this, it unlocks the disabled Mail app..
This flaw is specifically for Apple Mail on iOS 16 and iPadOS 16. It does not appear to affect Mail on the Mac. Gmail and Yahoo appear to be filtering the messages out.