Apple has reportedly fixed a vulnerability that could have allowed hackers to bypass the passcode on iPhone 6s and 6s Plus running iOS 9.3.1 in order to access the address book and photos.
The bypass technique was discovered by researchers from German security firm Evolution Security and takes advantage of Siri’s integration with apps like Twitter or Facebook and the new 3D Touch feature that’s only available on the iPhone 6s and 6s Plus models.
On a locked device, attackers can call up Siri and ask to search for items that contain @ tags using Twitter, Facebook or Yahoo. Then they can locate a string like an email address and use the 3D Touch hard push to bring out the context menu for it.
To read this article in full or to leave a comment, please click here