Saturday, 21 September 2013

Bug in iOS 7 allows calls to be placed from locked iPhone

Another security flaw has been discovered in Apple's iOS 7, this time exploiting a bug in the emergency calling system that allows anyone to bypass an iPhone's passcode lock to make a phone call.
Exploit

The bug was found by Karam Daoud and reported by Fortune, which noted the emergency call exploit has AppleInsider was able to replicate the process on an iPhone 5 running iOS 7.

The discovery comes after a separate issue was uncovered on Thursday that exploits a glitch in Command Center to bypass iOS 7's lock screen security protection. That problem is easily rectified, however, by turning off the feature's lock screen access in Settings.

As with any new operating system release, the first version is bound to have a few issues that were not unearthed during beta testing. For example, Apple's Safari app in iOS 6 contained a Smart App Banner bug that reenabled JavaScript without user consent, potentially opening devices to security breaches.

Apple has been informed of the latest exploit and will likely issue a patch with the next software update.

No comments:

Post a Comment