Sign in with
Sign up | Sign in

iOS 6.1.3 Update Fixes Lock-screen Vulnerability

By - Source: Apple | B 21 comments

Back in mid-February it emerged that a hole in iOS 6.1 allowed folks to bypass the iPhone lockscreen and make calls without ever having to enter the passcode set by the device's owner. At the time, Apple said it was aware of the problem and that it was working on a fix that would arrive in a future software update.

If you're rocking iOS 6.1, you'll be pleased to know that fix has arrived. iOS 6.1.3 fixes a number of bugs, including the hole that allowed users to access certain parts of your phone without having to input the lockscreen code. The trick involved making an emergency call, canceling it, attempting to turn the phone off, and pressing the power button. Though this trick wouldn't give complete access to the phone, it did give access to the phone app, which allowed the person attempting to access your phone to make calls, edit contacts, view photos (by trying to add a photo to a contact's number), and check voicemail.

For full details on the bugs fixed by iOS 6.1.3, check out this security note.

Contact Us for News Tips, Corrections and Feedback

Display 21 Comments.
This thread is closed for comments
  • 2 Hide
    s3anister , March 20, 2013 2:13 PM
    lol, finally.
  • 7 Hide
    blurr91 , March 20, 2013 2:15 PM
    Are you sure that's a "vulnerability" rather than a "feature?"
  • -6 Hide
    christarp , March 20, 2013 2:22 PM
    s3anisterlol, finally.

    blurr91Are you sure that's a "vulnerability" rather than a "feature?"


    http://arstechnica.com/gadgets/2013/03/samsungs-galaxy-s-iii-has-a-lock-screen-bug-too/

    http://www.itechpost.com/articles/6831/20130320/samsung-galaxy-s3-note-2-new-lockscreen-security-exploit-discovered.htm

  • -5 Hide
    Memnarchon , March 20, 2013 2:28 PM
    "iOS 6.1.3 Update Update Fixes Lock-screen Vulnerability and allows you to holding it right"
    There. Fixed it for you.
  • -7 Hide
    lilchina , March 20, 2013 2:32 PM
    not all vulnerability fixed. If you start a voice dial at lock screen as soon as it start to dial pull SIM card it will take you to contacts.
  • -2 Hide
    emjayy , March 20, 2013 2:43 PM
    Fixed? Don't hold your breath.They fixed the original lockscreen bypass vulnerability but simultaneosly introduced a brand new one! This is why I laugh so much when folks calls Apple a 'premium' and 'enterprise-ready' brand.
  • 1 Hide
    sundragon , March 20, 2013 3:41 PM
    emjayyFixed? Don't hold your breath.They fixed the original lockscreen bypass vulnerability but simultaneosly introduced a brand new one! This is why I laugh so much when folks calls Apple a 'premium' and 'enterprise-ready' brand.

    Funny, Apple's update includes hardware like the 3GS that came out in 2009...

    Please point out ONE Android handset from 2009 that gets an update (without rooting) from the manufacturer, or Google for that matter?

    Just one that brings the phone to Jellybean, or even 4.1?

    How about a Windows phone from 2009 that has a software update?

    Right... That's what I thought.

    Kudos to manufacturers that update their software! I got my Nexus because Google promises this, and apparently is the only one to do so, which is a sad state of affairs.

    All OSs have vulnerabilities, Android is far from immune, I know first hand because I own one. You wanna poke fun but the joke's on you
  • 0 Hide
    sundragon , March 20, 2013 3:48 PM
    christarphttp://arstechnica.com/gadgets/201 [...] n-bug-too/http://www.itechpost.com/articles/ [...] overed.htm


    Truth hurts, lets see how long it takes for a fix to come out! All things being equal, hopefully they've learned from the bad press and are working on it.
  • 2 Hide
    robochump , March 20, 2013 3:54 PM
    emjayyFixed? Don't hold your breath.They fixed the original lockscreen bypass vulnerability but simultaneosly introduced a brand new one! This is why I laugh so much when folks calls Apple a 'premium' and 'enterprise-ready' brand.


    Yeah, its already known there is another 'work around' after the 6.1.3 fix. Then again if someone else got your phone then you have bigger problems...lol.
  • 1 Hide
    happyballz , March 20, 2013 4:07 PM
    sundragonFunny, Apple's update includes hardware like the 3GS that came out in 2009...Please point out ONE Android handset from 2009 that gets an update (without rooting) from the manufacturer, or Google for that matter?Just one that brings the phone to Jellybean, or even 4.1?How about a Windows phone from 2009 that has a software update?Right... That's what I thought.Kudos to manufacturers that update their software! I got my Nexus because Google promises this, and apparently is the only one to do so, which is a sad state of affairs.All OSs have vulnerabilities, Android is far from immune, I know first hand because I own one. You wanna poke fun but the joke's on you


    Yeah have you tried running 6 on 3GS? If so I hope you like your lags.
  • 0 Hide
    -Jackson , March 20, 2013 6:13 PM
    sundragonFunny, Apple's update includes hardware like the 3GS that came out in 2009...Please point out ONE Android handset from 2009 that gets an update (without rooting) from the manufacturer, or Google for that matter?Just one that brings the phone to Jellybean, or even 4.1?How about a Windows phone from 2009 that has a software update?Right... That's what I thought.Kudos to manufacturers that update their software! I got my Nexus because Google promises this, and apparently is the only one to do so, which is a sad state of affairs.All OSs have vulnerabilities, Android is far from immune, I know first hand because I own one. You wanna poke fun but the joke's on you

    It's not hard to push OS updates to previous generations of phones when you keep making the same one over and over.
  • 1 Hide
    sundragon , March 20, 2013 8:20 PM
    happyballzYeah have you tried running 6 on 3GS? If so I hope you like your lags.


    Actually, mom's got a 3GS with 6, no lags cuz I updated her phone and tried it out... Please tell me where yours lags... Oh, wait, you probably don't own a 3GS or an apple device...
  • 2 Hide
    excella1221 , March 20, 2013 8:48 PM
    happyballzYeah have you tried running 6 on 3GS? If so I hope you like your lags.

    My brother's still on 3GS and updates OS regularly. I don't believe he's ever mentioned this lag you speak of.
  • 1 Hide
    wemakeourfuture , March 20, 2013 9:35 PM
    At least iPhones get updates on day 1, don't have to wait half a year for a new update as Android phones...

    Lets not even mention phones that are less than 1 year old that stop giving update support...
  • 1 Hide
    house70 , March 21, 2013 4:35 AM
    From AppleInsider (http://appleinsider.com/articles/12/09/24/ios_6_gives_iphone_3gs_another_year_of_life_support ):
    "... there are a few missing features on the iPhone 3GS upgraded to iOS 6: the processor intensive new 3D Maps and Flyover, Turn by Turn Navigation and Panorama camera capture are probably the most significant.

    Other iOS 6 features unsupported on iPhone 3GS including Safari's Offline Reading List (likely due to its limited RAM) and support for new "Made for iPhone" hearing aids (also a hardware issue).

    There's also no new support for previous iOS features that the iPhone 3GS never previously got, ranging from Siri to FaceTime to HDR photos. On the other hand, not even the year newer and significantly faster iPhone 4 supports iOS 6's new Navigation, Flyover or Panorama, nor does it support Siri or Cellular FaceTime (due to missing hardware support for those features)."

    The easiest upgrade is the one where you cut off features (probably because of hardware limitations) and then slap the latest version number on the OS just to make customers feel good. Apple's farts stink, just like everyone else's.

    About the lag: the "internets" are full of reports of that lag. Hardly a "made up" issue. Probably the reason why Apple had to cut down the features for older generations of hardware; can't have the cake and eat it, too.
  • 0 Hide
    Non-Euclidean , March 21, 2013 5:51 AM
    emjayyFixed? Don't hold your breath.They fixed the original lockscreen bypass vulnerability but simultaneosly introduced a brand new one! This is why I laugh so much when folks calls Apple a 'premium' and 'enterprise-ready' brand.


    Maybe, but if you really want to see something funny, pull down your pants.
  • 0 Hide
    curnel_D , March 21, 2013 1:01 PM
    house70(due to missing hardware support for those features).

    Incorrect. There are plenty of cases that you can find with a quick and simple google search showing these features working just peachy on the standard iPhone 4, when it's really only apple that swears that it won't work. Nearly all of apple's unpopular stances on such things have been proven to be false by some very talented people that for some strange reason still do work on an iOS device.
  • 0 Hide
    sundragon , March 22, 2013 8:09 AM
    house70From AppleInsider (http://appleinsider.com/articles/12/09/24/ios_6_gives_iphone_3gs_another_year_of_life_support ):"... there are a few missing features on the iPhone 3GS upgraded to iOS 6: the processor intensive new 3D Maps and Flyover, Turn by Turn Navigation and Panorama camera capture are probably the most significant.Other iOS 6 features unsupported on iPhone 3GS including Safari's Offline Reading List (likely due to its limited RAM) and support for new "Made for iPhone" hearing aids (also a hardware issue).There's also no new support for previous iOS features that the iPhone 3GS never previously got, ranging from Siri to FaceTime to HDR photos. On the other hand, not even the year newer and significantly faster iPhone 4 supports iOS 6's new Navigation, Flyover or Panorama, nor does it support Siri or Cellular FaceTime (due to missing hardware support for those features)."The easiest upgrade is the one where you cut off features (probably because of hardware limitations) and then slap the latest version number on the OS just to make customers feel good. Apple's farts stink, just like everyone else's.About the lag: the "internets" are full of reports of that lag. Hardly a "made up" issue. Probably the reason why Apple had to cut down the features for older generations of hardware; can't have the cake and eat it, too.


    Yeah, they aren't adding new features, but your argument is illogical for a few reasons:

    1. The update includes needed security updates.

    2. No one expects features that over extend the hardware. The same thing is happening with older Google hardware that got Jellybean.

    3. The update includes fixes for glitches. Your version of Android from 2009 - 2013 will have quite a few issues. My Nexus 7 had HUGE issues going from 4.0 - 4.2.2 - If I had purchased another manufacturer's tablet, I would have been stuck with those issues. The fact is most users would rather have security patches and fixes for bugs before demanding new features. I just wanted bloody bluetooth to work and have the screen work properly (for example).

    Android OS since 2009 - from: http://en.wikipedia.org/wiki/Android_(operating_system)
    4.2.x Jelly Bean November 13, 2012
    4.1.x Jelly Bean July 9, 2012
    4.0.x Ice Cream Sandwich December 16, 2011
    3.2 Honeycomb July 15, 2011 13
    3.1 Honeycomb May 10, 2011 12
    2.3.3–2.3.7 Gingerbread February 9, 2011
    2.3–2.3.2 Gingerbread December 6, 2010
    2.2 Froyo - May 20, 2010
    2.0–2.1 Eclair - October 26, 2009

    Finally, IMHO - Most of the people on here are quick to point out flaws in one manufacturer's devices when they have no personal experience - I'm not talking out of both sides of my mouth - I own both Apple, Google, and Microsoft devices by virtue of what I do. My critique is from first hand experience.

    P.S. Saw my mom on Monday - had lunch, updated a few apps on her phone and played with it for a few minutes and NO LAG for web browsing, playing sudoku, checking email, and the text my brother sent while we were lunching...
  • 0 Hide
    sundragon , March 22, 2013 8:10 AM
    Edit: My Nexus 7 had HUGE issues going from 4.1.1 - 4.2.2
  • 0 Hide
    house70 , March 23, 2013 5:02 AM
    Quote:
    house70(due to missing hardware support for those features).

    Incorrect. There are plenty of cases that you can find with a quick and simple google search showing these features working just peachy on the standard iPhone 4, when it's really only apple that swears that it won't work. Nearly all of apple's unpopular stances on such things have been proven to be false by some very talented people that for some strange reason still do work on an iOS device.

    I know. That was the official stance, not my opinion.
Display more comments