[ad_1]
Apple released its latest iOS 12.1 update on devices earlier this week, and security researchers have already discovered a new lockscreen bypass. The exploit allows access to all contact information on an iPhone. It consists of activating a FaceTime call and accessing the new FaceTime group feature to display contact information without code.
This feat only works on iOS 12.1 and was discovered a few hours after the release of Apple's update on Tuesday. We have tested this feat and can confirm that it is running on iOS 12.1. This results in another lockout bypass in the previous iOS 12.0.1 update, which allowed attackers to steal recent photos from a device. Both attacks require physical access to an iPhone and are particularly troublesome for victims of domestic violence or anyone leaving an unattended phone in a shared space.
Apple has a long history of lockscreen workaround bugs. A bug in iOS 6.1 in 2013 allowed attackers free access to phone records, contacts, and photos. iOS 7 also had a similar security vulnerability, and the researchers found a fairly elaborate way around the iOS 8.1 lockscreen just a few years ago. LockScreen bugs with iOS are almost as common as DST (Daylight Saving Time) bugs, which Apple has fought over the years.
Source link
