A new lock screen flaw has been discovered in iOS 7, less than a day after Apple had patched two similar vulnerabilities with the release of iOS 7.0.2.
In the video , uploader Dany Lisiansky demonstrates that although Apple has gone to great lengths to secure its operating system, there’s still one unpatched vulnerability that grants access to the innards of a locked phone.
The demo reveals that if you call another device using Siri or Voice Control, you can enable FaceTime, hit the Sleep/Wake button, unlock the iPhone again, answer and immediately end the call on the other device, and - within seconds - you’ll gain access to the Phone app.
That may not sound like much of a bug, but if you consider that iOS grants you access to pretty much everything through the Phone app, it’s one heck of a vulnerability.
Granted, you need someone with physical access to two FaceTime devices, and a pretty determined mind to perform the hack. But don’t be fooled. It’s serious, and it needs patching. Hopefully iOS 7.0.3 will be released in due time.
No comments:
Post a Comment