Airmail 3, a popular e-mail client for MacOS, has a major security vulnerability that could endanger the user's personal information.
Researchers revealed attacks that could only steal users' e-mails and attachments by persuading an attacker to open a message. How does this work?
Airmail 3 promises faster performance and "intuitive interaction". It is full of features, offers attractive sports and supports all major e-mail services. It is no wonder Airmail 3 has become very popular among macOS users.
But there are things to know before downloading.
Watch out for the vulnerability of Airmail 3
VerSprite researchers have discovered that Airmail 3 has a flaw in how attackers handle URL requests that an attacker can use to steal personal data.
By sending a message containing a specific URL request (secretly using Airmail 3 's "Send Mail" function), an attacker can tell the user's email and attachments before knowing what is going on You can get it.
The researchers warn that researchers can embed other code that instructs Airmail to attach other files to outgoing mail.
Another vulnerability allows an attacker to request a specific document from the user account database. Hackers can use a third aviation vulnerability to bypass the HTML filter and prevent the contained plugins from being malicious.
In the fourth attack, an attack is made as soon as the user opens the e-mail. Users do not need to click the link in the email. According to the researcher, this only worked half the time.
iOS users may be in danger
Researchers have found these defects in the macOS version of AirOS 3. It is unknown whether the same problem exists in the iOS version. VerSprite reported all of them to Airmail developers. However…