Apple Remotely Fixes Siri Security Vulnerability

Apple Remotely Fixes Siri Security Vulnerability

Posted by · 9997 views · Translate

Apple has remotely fixed a security vulnerability with Siri that allowed access to a user's contacts and photos without a passcode.

We posted on the flaw yesterday as discovered by Jose Rodriguez. The procedure involved using Siri to initiate a Twitter search then using a 3D Touch gesture on contact information to bring up the Quick Actions menu. Tapping Add to Existing Contact brought up your full contact list and adding a photo to the contact brought up your entire photo library.

Apple has now blocked the ability to perform a Twitter Search without entering your passcode first. This resolves the security risk but may annoy some users who use that feature frequently.

Please follow iClarified on Twitter, Facebook, Google+, or RSS for updates.