An iOS vulnerability that permitted nefarious people to gain access to Contacts and Photos data has been fixed swiftly without the need for a software update. A server-side fix has patched a security hole in Siri which allowed the personal digital assistant to use email links in tweets to gain access to contacts and photos on a locked iPhone 6s running iOS 9.3.1. Apple has confirmed to The Washington Post that it’s fixed the flaw on its servers.
First spotted by Jose Rodriguez, who last September found a similar flaw in iOS, and highlighted by The Daily Dot, Apple’s mobile operating system contains a vulnerability that lets others access your Contacts and Photos using Siri on the Lock screen of your iPhone 6s, bypassing your passcode.
Fortunately, there’s an easy fix for this which involves revoking Siri access to Twitter and Photos and disabling Lock screen access to the personal digital assistant. Apple has not commented on the bug, which will likely be squashed in an upcoming software update.
Ten days after releasing iOS 9.3 to the public, Apple has released iOS 9.3.1 today to fix an issue where some devices would crash or become unresponsive after tapping on some web links. Holding build number 13E238, iOS 9.3.1 is available now via an over-the-air update or via iTunes to all devices capable of running iOS 9. It is also available for download now from our Downloads section.