Apple fixes the Siri lockscreen bypass vulnerability | tech | Hindustan Times
Today in New Delhi, India
Feb 21, 2017-Tuesday
-°C
New Delhi
  • Humidity
    -
  • Wind
    -

Apple fixes the Siri lockscreen bypass vulnerability

tech Updated: Apr 06, 2016 14:38 IST
HT Correspondent
HT Correspondent
Hindustan Times
Apple

Apple recently discovered iOS lockscreen bypass vulnerability which allowed unauthorized access to a user’s Contacts and Photos has been fixed(Reuters)

Apple has reportedly confirmed that they have fixed the iPhone Siri bug that allowed anyone access to conatcts and photo albums.

In a statement to The Washington Post , a Apple representative confirmed that a fix has now been rolled out. The statement further added that users should get the fix without the need for a software update.

Read more: New lockscreen bypass bug found on iPhone 6s, iPhone 6s Plus

The patch arrives in less than a day after the video was posted on YouTube explaining the lockscreen vulnerability, which was discovered by YouTube user Jose Rodriguez. He posted a video showing how anyone can bypass the lockscreen on 3D Touch enabled iPhones and get access to contacts and photos without a passcode or a fingerprint scanner.

Though for anyone to take undue advantage of the exploit, it only happens when users allow Siri to access their Twitter account, which requires their passcode or a fingerprint scanner on iPhones featuring Apple’s pressure sensitive Force Touch technology.

Detailing the scenario in the video, the user first asks Siri to perform a Twitter search for a tweet containing an email address, and performing a 3D Touch gesture on resulting link allowed access to Contacts and Photos.