Apple has been left red-faced again after a fresh security breach was discovered in the iPhone’s software the day after it released an update fixing the last one.
The new vulnerability differs from the passcode bug fixed by the latest iOS update but it too gives unauthorised access to the phone’s contacts and photos.
It emerged after the Silicon Valley firm released iOS 6.1.3, which put a stop to hackers who discovered a simple combination of button presses to bypass the phone’s lock screen.
The new lock screen bug is slightly less complicated and involves ejecting the iPhone’s SIM card while using its built-in voice controls to make a phone call.
It was revealed by YouTube user videosdebarraquito, who posted a video detailing the procedure. That’s the same phone enthusiast who spread the word about the earlier exploit, again via YouTube.
The latest video shows the exploit executed on an iPhone 4 but it seems the bug applies to most modern iPhones, ars technica reported.
The hack involves activating voice dialling mode from the lock screen and instructing the phone to make a call, then ejecting the SIM card at just the right moment.
That brings up the phone’s dialling pad, from where the contacts list can be accessed and, via that list, the owner’s photos.
Iphoneincanada replicated the hack on the same model phone, while TheNextWeb managed it on an iPhone 4S but not an iPhone 5.
iPhone 5 users should still beware, however, since German site iPhoneblog.de claims to have carried out the hack on Apple’s latest smartphone offering.
Siri does not appear to be the culprit allowing unauthorised access to the phone, instead the exploit is carried out through Apple’s Voice Control feature which predates the virtual assistant.
Videosdebarraquito recommends turning off the ‘Voice Dial’ feature to keep personal information safe, but if Siri is enabled for lock screen functionality the exploit doesn’t work either, according to ars technica.
The video detailing the hack was published just yesterday but has already attracted more than 120,000 views.
Apple has yet to comment.