U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The recent iOS 9.0.1 Update fails to fix the Lock screen Bypass flaw

Apple recently released its first update to the new iOS 9, but experts noticed that it doesn’t fix the lock screen bypass vulnerability. Apple has already released its first update for the release iOS, the version iOS 9.0.1 was issued last week to fix a number of bugs. Last week Jose Rodriguez reported the lock screen bypass vulnerability affecting […]

The recent iOS 9.0.1 Update fails to fix the Lock screen Bypass flaw

Apple recently released its first update to the new iOS 9, but experts noticed that it doesn’t fix the lock screen bypass vulnerability.

Apple has already released its first update for the release iOS, the version iOS 9.0.1 was issued last week to fix a number of bugs.

Last week Jose Rodriguez reported the lock screen bypass vulnerability affecting the iPhone devices, today I have to inform you that the last update doesn’t fix the security issue.

The flaw is considered serious because it allows bypassing the lock screen mechanism that protects the iPhone and the iPad from unauthorized access. An attacker can access users’ contacts and personal photographs bypassing the lock screen mechanism implemented in iOS 9.0 and iOS 9.0.1 versions.

ios 9

Rodriguez has published a step-by-step guide to bypass the lock screen mechanism that normally requests the passcode on iOS 9 and iOS 9.0.1 devices.

Let me remind you that the attack relies on the Apple’s personal assistant Siri, other security experts have verified the lock screen bypass vulnerability affects all iOS versions from iOS 5.1.1 to the latest released iOS 9.0.1.

 

The lock screen bypass vulnerability works on all iOS versions from iOS 5.1.1 to the latest released iOS 9.0.1.

Waiting for a patch, iOS users can disable Siri on the lock screen by modifying the settings of the device from

Settings > Touch ID & Passcode

Once disabled, users will be anyway able to continue using Siri after unlocked their iOS 9 based device.

[adrotate banner=”9″] [adrotate banner=”12″]

Edited by Pierluigi Paganini

(Security Affairs – iOS 9.0.1, Lock Screen Bypass flaw)

[adrotate banner=”5″]

[adrotate banner=”13″]