Just a day after Apple released an update to fix a lock screen bug that allowed access to photos, emails and other apps to anyone that grabbed the handset, here is another discovered by Dany Lisiansky, now on iOS 7.0.2.
You may recall that there was an iOS 6 bug that involved Voice control to bypass the lock screen passcode. This time, in iOS 7.0.2 we can see something similar, but with multiple factors such as Voice Control/Siri and FaceTime. Thanks to this flaw, anyone with your iPhone in their hands can access your photos, emails, messages, and call history.
While the video doesn’t show which version of iOS 7 Dany has on his device, Dany has confirmed via Twitter that he is running iOS 7.0.2, as well as iDownloadBlog. We have tested this flaw following the steps described by Dany, and it works. This bug may also be present on iOS 7.0 as well.
Here are the steps as described by Dany to reproduce the bug:
1. Make a phone call (with Siri / Voice Control).
2. Click the FaceTime button.
3. When the FaceTime App appears, click the Sleep button.
4. Unlock the iPhone.
5. Answer and End the FaceTime call at the other end.
6. Wait a few seconds.
7. Done. You are now in the phone app.
While we are waiting for Apple to acknowledge this bug, as a workaround you can simply disable Siri access from the Lock Screen by going to Settings>General>Passcode Lock>Allow Access when locked. That’s it.