An SMS or something else. It wouldn't be too hard, if you targeted someone specific, to send a well-made email to that person showing his friend, boss, ... address or something, or even hide behind an address like it@company.com requesting all users to update an app.
A "huge" vulnerability doesn't mean it can affect absolutely everyone.
Which is how a few app in the business world are installed, like from private app stores. and this isn't being stupid, this is doing what your company request you to do![]()
So now, you have to know my boss/friend's email address, or the email address of where I work, in order to trick me into installing an app from an email or SMS? I mean, I can understand that this is a problem that Apple needs to fix, but come on. That's a lot of "ifs" to go through just to get me to install a mimicked app.
Also, what happens when I realize that the New Flappy Bird app installed over my Gmail app, and I delete it? Or, I simply restore my phone from a previous backup, before the app was installed? I mean, you did have to take me to a 3rd party website to install an app that never really installed. Anyone with common sense is going to know that something is up at that point.
Last edited: