Although Apple claims to have fixed 80 security vulnerabilities with iOS 7, including the ability to bypass the lock screen in iOS 6.1.3, the same person who found the previous vulnerability has found yet another in iOS 7.
Discovered by 'Jose Rodriquez', an iPhone user reported a security flaw in iOS that lets anyone bypass the lockscreen passcode and access sensitive information stored in photos, Twitter, email and more.
The flaw resides on users who lock their devices with a traditional PIN code or password. The security flaw is demonstrated in the video below and it works as follows:
The exploit has been tested successfully on iOS 7 when running on the iPhone 4S, 5, 5C, and 5S, and the most recent iPad model.
Until an official fix is available from Apple, iOS 7 users can avoid this security hole by disabling the control center of the lock screen in their device settings.
Update (5:02 PM Thursday, September 26, 2013 GMT) : Apple has just released iOS 7.0.2, a new update delivering several changes including a fix for a lock screen passcode vulnerability.
- Swipe up from the bottom of the Lock screen to open Control Center and Launch the Clock app.
- Open the Alarm Clock section of the Clock app and Hold down the power button.
- Quickly tap Cancel the immediately double-click the Home button and Hold down for a bit longer on the second click.
- From here you can access the camera and stored photos. You can share these photos on Facebook, Twitter, Flickr or via email.
Until an official fix is available from Apple, iOS 7 users can avoid this security hole by disabling the control center of the lock screen in their device settings.
Update (5:02 PM Thursday, September 26, 2013 GMT) : Apple has just released iOS 7.0.2, a new update delivering several changes including a fix for a lock screen passcode vulnerability.
