Apple works to plug security hole in iOS 7

Attacker could gain access to user's photos, email, Facebook,Twitter accounts
Tools

Apple is working on a fix to security hole in iOS 7, which enables a hacker to bypass the lockscreen on iOS devices, reports AllThingsD.

Once an attacker is able to bypass the lockscreen, he or she is able to access an iPhone or iPad user's stored photos, as well as the email and web services accounts the owner uses to share the photos, the report explained.

"Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update," Trudy Muller, an Apple (NASDAQ: AAPL) spokeswoman, told AllThingsD.

The hole was discovered by Jose Rodriguez, a 36-year-old soldier living in Spain's Canary Islands, who made a video showing how it's done, says Forbes' Andy Greenberg.

"As the video shows, anyone can exploit the bug by swiping up on the lockscreen to access the phone's 'control center,' and then opening the alarm clock. Holding the phone's sleep button brings up the option to power it off with a swipe. Instead, the intruder can tap 'cancel' and double click the home button to enter the phone's multitasking screen. That offers access to its camera and stored photos, along with the ability to share those photos from the user's accounts, essentially allowing anyone who grabs the phone to hijack the user's email, Twitter, Facebook or Flickr account," Greenberg explains.

iPhone and iPad users can thwart an attack by disabling access to the Control Center on the phone's lock screen function: Settings > Control Center > Access on Lock Screen.

For more:
- see the AllThingsD report
- check out the Forbes article

Related Articles:
Apple stomps dozens of bugs in OS X Mountain Lion, Safari browser
Apple's iPhone 5S beefs up BYOD security with fingerprint reader, Touch ID