Apple releases iOS 6.1.3, fixes original lock screen exploit but adds new exploit in the process

voicecontrol

Last month, reports surfaced about a bug in iOS 6.1 that would allow anyone to bypass your passcode lock and gain access to your phone. After more than a month’s time, Apple has released iOS 6.1.3 to address the issue. The problem is, while they did fix the security bug, they introduced a new one in the process.

Not very long after Apple released their latest update, a new exploit was discovered that also allows you to bypass the passcode on the lock screen by using a bug in the voice control feature of the phone. The process is fairly simple and is done by activating voice control and ejecting the SIM card during the call initiated through voice control. Here’s a video of it in action:

Fortunately for iPhone owners worried about this vulnerability, all you have to do to protect yourself is turn off voice control. And if you’re on an iPhone 4S, the exploit will only work if you disable Siri and choose to use voice control instead — so, keep Siri on. Finally, the exploit reportedly does not work on the iPhone 5.

As of posting time, it doesn’t look like Apple has commented on the issue. And I wouldn’t blame them, this is pretty embarrassing.

[via Engadget]

Related Posts