The app “Outlook for iOS” (named “Outlook” in the App Store) is safe to use and it is the recommended client for iOS users. What applications on the device can people use instead? Sending unencrypted traffic over any network, even campus WiFi, is risky. Public WiFi, coffee shops, airports, hotels are particularly concerning. The vast majority of networks pose a risk for users. Faculty and researchers traveling overseas could be at risk for this scenario. An active attacker could manipulate the user into misconfiguring their device. It is possible for a malicious actor to monitor a network over a long period of time to obtain passwords from affected Apple devices. Who can observe the unencrypted passwords?Īnyone on the same network is able to observe and record user passwords. We have observed instances of devices with the latest version of iOS 11 being affected.
What Apple devices are affected?Īll iOS devices are potentially affected. It is a flaw in Apple iOS Mail’s implementation of the AutoDiscover protocol for connecting to Exchange using ActiveSync. If you have any questions or concerns, please contact the DoIT Help Desk.įrequently Asked Questions (FAQ) What applications on the Apple device are affected? The UW–Madison Office 365 team recommends that you use the Microsoft Outlook app instead of Apple’s iOS Mail app to access your UW-Madison email and calendar.Download and install the Microsoft Outlook app.Delete Outlook/Office 365 from your iOS Mail profile on your device.If you have an older device that is not on the list as being compatible for iOS 12, follow these steps to fix it: UW-Madison Office 365 Server and Configuration Settings.Delete and recreate your Outlook/Office 365 account from your Apple device settings.If you use the iOS Mail app, follow these steps to fix it: Apple is aware of this security issue and has mitigated the risk in the newly released iOS 12 update. The UW-Madison Office 365 team identified a security issue with Apple’s native iOS Mail app that could expose NetID credentials on the network the device is connected to.
0 kommentar(er)
