A newly discovered iPhone vulnerability can bypass your lockscreen code, but it will probably not affect you anytime soon. Security researcher Benjamin Kunz Mejri from Vulnerability Laboratory stumbled upon an authentication issue that affects iPhones and iPads running iOS 8 and iOS 9.
Using this security hole, hackers could in theory access the data behind your lockscreen password. But in practice, the procedure is a little more complicated than that, as hackers would have to gain physical access to the iPhone or iPad in question. Furthermore, they would have to be able to manage an unlocked iOS device for a few minutes, which means the target would likely trust the hacker with the smartphone or tablet.
Finally, the hacker would have to remember a rather tedious “activation” method. And then they would have to leave with the device without the target noticing.
“The security vulnerability allows local attackers to bypass passcode lock protection of the apple iPhone via an application update loop issue. The issue affects the device security when processing to request a local update by an installed mobile ios web-application,” the security expert explained. A video of this feat also follows below, showing how the trick is achieved.
Kunz reported the threat to Apple back in late 2015, but the issue is still present, Security Affairs notes.