Apple has announced a software update for its latest mobile operating system iOS 6.1 after hackers published a video showing how to unlock any iPhone running it.
The YouTube video and an accompanying explanation details a relatively simple combination of button presses which can quickly bypass the phone’s password screen.
Once entered, it opens the main phone screen where any thief or snoop would be able to make calls, read and send messages, edit contacts, and go through stored data like photos and apps.
In a response to tech site AllThingsD, Apple spokesman Trudy Miller aknowledged the vulnerability and said the company was working on a quick fix.
“Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update,” she said.
It is the latest embarrassment for the Silicon Valley tech company after another recent bug in the same operating system, iOS 6.1, was found to overload corporate email servers.
Business users trying to sync their contacts, mail and other content found themselves kicked off their company’s Microsoft Exchange servers, and Apple is yet to publish a fix for the problem.
Prior to that, a third bug in the .1 update to iOS 6 was found to cause problems with 3G network performance on the iPhone 4S. That was quickly fixed with a 6.1.1 update released exclusively to users of the 4S.
The video detailing the iPhone 5 passcode hack was published onto YouTube by videosdebarraquito at the end of January and has already been viewed nearly 350,000 times.
It tells how a rapid combination of emergency call, keypad, power button and cancel button taps will bypass the phone’s security, leaving it accessible to anyone.
In text accompanying the video, the user describes it as an “[e]asy trick that allows bypass an iPhone’s passcode and get full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log”.
The text details the precise combination of actions to carry out to exploit the vulnerability.
The user adds that you can use it “[f]or prank your friends. For a magic show… Use it as you want, at your own risk, but… please… do not use this trick to do evil !!!”.
It is not the first time Apple’s devices have been found to be vulnerable to such a trick. A similar bug allowed the same kind of access in gadgets running iOS 4.1, Gizmodo reported.
It took a month for Apple to release the .2 update to that operating system which removed the vulnerability.