Threat: Multiple Passcode Bypass Vulnerabilities Discovered in iOS 9
Solution: Disable the Siri module and Events Calendar without passcode, along with the public Control Panel with the timer and world clock. Users should also activate the weather app to prevent the redirect.
URL: http://www.securityweek.com/multiple-passcode-bypass-vulnerabilities-discovered-ios-9
This is a pretty big vulnerability that requires very little technical knowledge to exploit. The last vulnerability of this type I remember only allowed access to pictures and contacts.
I also wonder if the FBI could could explot this to unlock the iPhone they want from Syed Farook and the few hundred ones they have from other suspects for lesser crimes.
In addition as I look at the steps needed to completely disable this exploit, I hope Apple pushes out a security update soon. I can’t imagine many users actually taking the steps to disable everything necessary to protect against this.
