Apple has acknowledge and fixed the bug that allows users to bypass passcode protected iPhone 6s and iPhone 6s Plus. The fix is believed to be done on Apple’s backend, so no software update is required this time round.
About a day and a half ago, user Jose Rodriguez found a security hole in iOS 9.3.1 that grants access to contacts and photos of a locked iPhone 6s/iPhone 6s Plus. The security flaw uses Siri with Twitter integration. With Siri activated either by long pressing the home button or via “Hey Siri” function, all the user has to do is ask the virtual assistant to search Twitter. If the result contains an actionable Contacts data, the user can then use 3D Touch to call up the contextual menu, and add the data to existing contact. This will open the Contacts list on iPhone, which also grants access to the Photos app when tap to add a photo to the contact.
You don’t have to update your operating system now or change anything in the Settings menu. The fix has already been done on Apple’s end, and now requires user to unlock the device before conducting searches on Twitter. According to 9to5Mac, Apple also fixed the bug that allows users to activate Night Shift Mode while on Low Power Mode using Siri. Now, when you are on Low Power Mode and wish to turn on Night Shift using the digital assistant, she will say “In order to turn on Night Shift, I’ll have to turn off Lower Power Mode. Shall I continue?”.
It’s only been a few weeks since Apple released iOS 9.3 update, but Apple has already updated it multiple times to address various bugs. The first was an update specifically for the iPad 2, the second was an update for older iOS devices that addresses activation bug, and just last week, Apple released iOS 9.3.1 to fix the bug that causes apps to freeze and crash when links are pressed.