Yesterday we told you about a passcode flaw in iOS 9.3.1 that affected Apple’s iPhone 6S and 6S handsets. The flaw was originally discovered by the guys over at 9 to 5 Mac.
The flaw allowed anyone to access your photos and contacts by using Apple’s Siri from the lock screen when the device was locked. This security loophole raised significant concerns among users, as it compromised the privacy and security of sensitive information stored on their devices.
Details of the Passcode Flaw
The issue was particularly alarming because it bypassed the fundamental security feature of the iPhone—the passcode lock. By simply asking Siri to “search Twitter” or perform similar tasks, unauthorized users could gain access to personal data without needing to know the device’s passcode. This vulnerability highlighted the potential risks associated with voice-activated assistants and their integration with other device functionalities.
Good news as Apple has now fixed the passcode flaw in iOS 9.3.1. The fix was done without the need for an update. As the issue was related to Apple’s Siri, Apple was able to fix the problem server-side without having to release a software update. This quick response from Apple demonstrates their commitment to user security and their ability to address issues efficiently.
Now if you ask Apple’s Siri to ‘search Twitter’ whilst on the lock screen, Siri will now respond by telling you that ‘you’ll need to unlock your iPhone first’, so the passcode flaw has now been fixed. This change ensures that unauthorized users cannot exploit Siri to bypass the lock screen and access private information.
Additional Fixes and Improvements
According to 9 to 5 Mac, Apple has also fixed another flaw that allowed anyone to activate Night Shift Mode and also Low Power Mode when the handset was locked. These features, while not as critical as accessing photos and contacts, still posed a security risk by allowing changes to the device’s settings without proper authorization.
Night Shift Mode adjusts the display’s color temperature to reduce blue light exposure, which can be beneficial for users’ sleep patterns. Low Power Mode, on the other hand, helps extend battery life by reducing background activity and performance. While these features are useful, their unauthorized activation could lead to unintended consequences, such as reduced device performance or altered display settings.
Apple’s ability to address these issues promptly and without requiring a software update is a testament to their robust infrastructure and commitment to user security. By fixing these flaws server-side, Apple minimized the disruption to users and ensured that their devices remained secure without the need for manual intervention.
The swift resolution of the passcode flaw and other related issues in iOS 9.3.1 highlights Apple’s dedication to maintaining the security and privacy of their users. The ability to fix such vulnerabilities server-side without requiring a software update showcases the efficiency and responsiveness of Apple’s security measures. Users can now rest assured that their personal information is better protected, and they can continue to enjoy the convenience and functionality of their iPhones without compromising on security.
Source 9 to 5 Mac
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.