iOS 9.0.2 Lock Screen Security Update
iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
A person with physical access to an iOS device may be able to access photos and contacts from the lock screen
A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device.
As reported last week, 9.0.1 was released before a lock screen vulnerability could be addressed.
- 9.0.1 was issued over-the-air as an intended bug fix installment squelching wifi connection bugs, as well as squaring away some issues with photos, Safari and Alarms.
- Last Friday, a report of a lockscreen bypass using a button combo that invokes Siri using the long press gesture on the home button while entering the last 2 keys of a 4 digit pin…
- I haven’t been able to reproduce the bypass on a 6 key lockscreen passcode. Keep this in mind: I have witnessed some of the media used in reporting this exploit are doing so using a video that shows someone performing the technique on an iPhone with TouchID enabled…obviously using the biometric sensor the way it is supposed to used.
- The 4 key lockscreen bypass allows access to contacts and photos.