Apple has recently released an updated version of its iPhone and iPad operating system – iOS 11. It brings fixes for that annoying static sound during calls (on iPhone 8 and 8 Plus) and a photo bug, which randomly removed photos from the gallery. While the earlier bug hid photos from your iPhone, a new bug in iOS 11.0.3, as reported by iDeviceHelp, grants strangers access to your photos even when the phone is unlocked.
The bug, which was initially described as a potential vulnerability, was later confirmed after a detailed video by iDeviceHelp circulated on the web. The video, along with the bug exploitation, also offered a detailed account of how precisely the bug works.
iDeviceHelp claims that if someone gets hold of your iPhone and has the device’s mobile number or Apple ID, then the bug would grant them access to the photos folder without any permissions. To prove that it was more than just a far-fetched theory, they experimented on an iPhone running the latest iOS 11.0.3 and were able to view pictures on the phone without unlocking the device.
How the Bug Works
Thankfully, the workings of the potential breach are quite complicated and tedious. The process starts with placing FaceTime Audio call and clicking the “Message” button instead of accepting or rejecting the call. Then the person must select the “Custom” settings option which prompts him to open the Message app. Then he has to randomly pick three emoji.
After completing the above process, the FaceTime call must be disconnected and Siri has to be asked to open the Settings tab. After which, the virtual voice assistant will ask you to unlock the device. Pressing the power button will activate the sleep mode and another FaceTime call has to be placed.
Then you tap the Message button and select the Custom option as soon as you receive the call notification. Once the Custom setting is selected, the person will have complete control over the Messages App and can view and send pictures by opening the Photos folder.
Here’s the link to the video that shows the steps explained above:
As you can see, it’s an extremely tricky process, but if someone knows the sequence, it won’t take him long to activate the bug.
Now, before you freak out, the video has also provided a temporary fix. According to the video, the safest bet to make in the current scenario would be to disable Siri access from the lock screen to prevent anyone from snooping around.
Hope Apple has taken note of the issue and will provide a solution in the upcoming iOS 11.1 update.