Latest iOS 9.0.1 Update Failed to Patch Lockscreen Bypass Hack

0
535
iOS 9.0.1 – Apple’s first update to its new iOS 9 mobile operating system, came out on Wednesday, addressed several bugs in its software.
However, unfortunately, it seems that the latest update iOS 9.0.1 doesn’t fix the lock screen bypass vulnerability reported by iPhone user Jose Rodriguez.
Yes, the serious flaw in iOS 9 that allows anyone – with physical access of your iPhone or iPad – to bypass your device’s lock screen and get into your contacts and personal photographs, also Works on iOS 9.0.1.

Video Demonstration:

Rodriguez published a new video detailing a step-by-step explanation on how to bypass the passcode on iOS 9 and iOS 9.0.1 device, using the benevolent nature of Apple’s personal assistant Siri.
The lock screen bypass vulnerability works on all iOS versions from iOS 5.1.1 to the latest released iOS 9.0.1.

Mitigation

So, until Apple rolls out an update to patch this bug, the only way available to iPhone users to mitigate the issue is to disable Siri from being accessed from the lock screen.
To disable Siri on the lock screen, follow these simple steps:
  • Go to Settings
  • Select Touch ID & Passcode
  • Enter your passcode in the prompt
  • Look for “Allow access when locked” section and Disable Siri
The iOS lock screen bug is similar to that fixed in the latest version of Android Lollipop. The Android lock screen bypass bug was far more complex than the current iOS bypass, as well as the impact was also worse.
The Android lock screen bypass gave attackers access to all important files as well as the ability to install malicious apps on the affected device.
However, it’s been a bad week for Apple’s iOS security with the discovery of nearly 4,000 malware-infected applications on the App Store.

NO COMMENTS

LEAVE A REPLY