John Mccombs

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.3 macOS versions prior to 10.13.4 **Description** The issue involves the Mail component and allows man-in-the-middle attackers to read S/MIME encrypted messages by leveraging an inconsistency in the user interface. **Recommendations** For iOS versions prior to 11.3, update to version 11.3 or later. For macOS versions prior to 10.13.4, update to version 10.13.4 or later.

**Name of the Vulnerable Software and Affected Versions** Mail component in Mac OS X versions prior to 10.11 **Description** The issue is related to the Mail Drop feature in the Mail component, which mishandles encryption parameters for attachments. This makes it easier for attackers to obtain sensitive information by analyzing network traffic during the transmission of an S/MIME email message with a large attachment. **Recommendations** For versions prior to 10.11, update to version 10.11 or later to resolve the issue.