A bypass ‘exploit’ bug has slowly crept in the recently released iOS 12.1. This exploit lets anyone access the phone’s contacts.
Rendering the Face Unlock sorta useless, the bug makes it easy to gain access to any contact’s information on the device.
The bug was discovered just two days after iOS 12.1 was rolled out for iPhone users around the world. Here’s how the exploit works:
Say, “Hey Siri” and call another iPhone user. Once the person picks up the call, tap on the Face-Time option. Activate the Airplane mode without cutting the call. Tap on ‘Add a person’ option and that will give you access to all the contacts on the phone.
Tough luck for people who have already downloaded the update as there is no workaround at the moment.
People took to Twitter to voice their concerns over the quality checks that the products go through.
Not to mention the Voice Over bugs in the new iOS and Mac OS updates relating to group FaceTime. I don’t understand how people testing the public betas are unable to discover the bugs until the OS is rolled out.— Esoteric Quality (@EsotericQuality) November 1, 2018
With Apple bricking Apple watches, their updates haven’t been great.— Karl Meszaros (@xaviercross1971) November 1, 2018
Kernel exploit? Blobs? Jailbreak for future iOS 12.1.2 confirmed! *off to post*— Tom (@thedauf) May 20, 2017
Though not so worrying, these things are compromising. @Apple should make more efforts in this direction, because otherwise all the words in the direction of the protection of personal data from them don’t matter. It’s a pity!— Dimitar D. (@dimitroffmitko) November 1, 2018
This is not the first time that a bypass exploit has been found on iOS. The previous version of the operating system, iOS 12.0.1, allowed attackers to steal recent photos from a device.
Apple has not commented on the situation yet.