More than a month after security researchers pointed out a new passcode bug in iOS, Apple has patched it with the release of iOS 6.1.3. The software update, released over the air or via iTunes, is mainly aimed at addressing the security vulnerability that allowed attackers to get around an iOS device's passcode by performing a series of steps. Apple says that iOS 6.1.3 also comes with "improvements to Maps in Japan."
It was mid-February when reports began to spread that an old vulnerability in the iPhone's emergency call feature had resurfaced as part of iOS 6.1. As we wrote at that time, "[w]ith the right sequence of button clicking, it's possible to get to an iPhone user's voicemails, contacts, and photos—even if the iPhone is locked and password protected." A couple weeks later, different researchers pointed out another way to get around the iPhone's lock screen based on the same vulnerability. Apple released iOS 6.1.2 in the meantime, but it did not fix the passcode bug with that update.
As rumored, however, iOS 6.1.3 does in fact address the passcode lock screen vulnerability. Since this is a security concern that could affect many iOS device users, we certainly recommend installing it as soon as you get the chance. But be warned: if you've jailbroken your iOS 6.1.x device, we're hearing that 6.1.3 update fixes one of the security holes that enables the evasi0n jailbreak. In that case, update at your own risk.
Read on Ars Technica | Comments