iOS 6.1.3 Update Fixes Lock-screen Vulnerability

Back in mid-February it emerged that a hole in iOS 6.1 allowed folks to bypass the iPhone lockscreen and make calls without ever having to enter the passcode set by the device's owner. At the time, Apple said it was aware of the problem and that it was working on a fix that would arrive in a future software update.

If you're rocking iOS 6.1, you'll be pleased to know that fix has arrived. iOS 6.1.3 fixes a number of bugs, including the hole that allowed users to access certain parts of your phone without having to input the lockscreen code. The trick involved making an emergency call, canceling it, attempting to turn the phone off, and pressing the power button. Though this trick wouldn't give complete access to the phone, it did give access to the phone app, which allowed the person attempting to access your phone to make calls, edit contacts, view photos (by trying to add a photo to a contact's number), and check voicemail.

For full details on the bugs fixed by iOS 6.1.3, check out this security note (opens in new tab).

_{Contact Us for News Tips, Corrections and Feedback}

Latest

AMD's A620 Chipset Quietly Arrives Without Full Support for 65W-Plus CPUs

See more latest ►

Topics

Apple

iOS

iPhone

Security

Smartphones

21 Comments Comment from the forums

s3anister

lol, finally.
Reply
blurr91

Are you sure that's a "vulnerability" rather than a "feature?"
Reply
christarp

s3anisterlol, finally.blurr91Are you sure that's a "vulnerability" rather than a "feature?"
http://arstechnica.com/gadgets/2013/03/samsungs-galaxy-s-iii-has-a-lock-screen-bug-too/

http://www.itechpost.com/articles/6831/20130320/samsung-galaxy-s3-note-2-new-lockscreen-security-exploit-discovered.htm

Reply
Memnarchon

"iOS 6.1.3 Update Update Fixes Lock-screen Vulnerability and allows you to holding it right"
There. Fixed it for you.
Reply
lilchina

not all vulnerability fixed. If you start a voice dial at lock screen as soon as it start to dial pull SIM card it will take you to contacts.
Reply
emjayy

Fixed? Don't hold your breath.They fixed the original lockscreen bypass vulnerability but simultaneosly introduced a brand new one! This is why I laugh so much when folks calls Apple a 'premium' and 'enterprise-ready' brand.
Reply
sundragon

emjayyFixed? Don't hold your breath.They fixed the original lockscreen bypass vulnerability but simultaneosly introduced a brand new one! This is why I laugh so much when folks calls Apple a 'premium' and 'enterprise-ready' brand.Funny, Apple's update includes hardware like the 3GS that came out in 2009...

Please point out ONE Android handset from 2009 that gets an update (without rooting) from the manufacturer, or Google for that matter?

Just one that brings the phone to Jellybean, or even 4.1?

How about a Windows phone from 2009 that has a software update?

Right... That's what I thought.

Kudos to manufacturers that update their software! I got my Nexus because Google promises this, and apparently is the only one to do so, which is a sad state of affairs.

All OSs have vulnerabilities, Android is far from immune, I know first hand because I own one. You wanna poke fun but the joke's on you
Reply
sundragon

christarphttp://arstechnica.com/gadgets/201 n-bug-too/http://www.itechpost.com/articles/ overed.htm
Truth hurts, lets see how long it takes for a fix to come out! All things being equal, hopefully they've learned from the bad press and are working on it.
Reply
robochump

emjayyFixed? Don't hold your breath.They fixed the original lockscreen bypass vulnerability but simultaneosly introduced a brand new one! This is why I laugh so much when folks calls Apple a 'premium' and 'enterprise-ready' brand.
Yeah, its already known there is another 'work around' after the 6.1.3 fix. Then again if someone else got your phone then you have bigger problems...lol.
Reply
happyballz

sundragonFunny, Apple's update includes hardware like the 3GS that came out in 2009...Please point out ONE Android handset from 2009 that gets an update (without rooting) from the manufacturer, or Google for that matter?Just one that brings the phone to Jellybean, or even 4.1?How about a Windows phone from 2009 that has a software update?Right... That's what I thought.Kudos to manufacturers that update their software! I got my Nexus because Google promises this, and apparently is the only one to do so, which is a sad state of affairs.All OSs have vulnerabilities, Android is far from immune, I know first hand because I own one. You wanna poke fun but the joke's on you
Yeah have you tried running 6 on 3GS? If so I hope you like your lags.

Reply

Show more comments

Be In the Know

Most Popular