Bug in iOS 7 allows calls to be placed from locked iPhone
AppleInsider Staff
AppleInsider may earn an affiliate commission on purchases made through links on our site.
Another security flaw has been discovered in Apple's iOS 7, this time exploiting a bug in the emergency calling system that allows anyone to bypass an iPhone's passcode lock to make a phone call.
The bug was found by Karam Daoud and reported by Fortune, which noted the emergency call exploit has According to the report, a nefarious user can place a phone call to by entering any number in the emergency call pane and repeatedly pressing the call button. After a number of taps, the button "sticks" and iOS appears to crash, but the call will go through. The bug allows both local and international calls to be placed. AppleInsider was able to replicate the process on an iPhone 5 running iOS 7.
The discovery comes after a separate issue was uncovered on Thursday that exploits a glitch in Command Center to bypass iOS 7's lock screen security protection. That problem is easily rectified, however, by turning off the feature's lock screen access in Settings.
As with any new operating system release, the first version is bound to have a few issues that were not unearthed during beta testing. For example, Apple's Safari app in iOS 6 contained a Smart App Banner bug that reenabled JavaScript without user consent, potentially opening devices to security breaches.
Apple has been informed of the latest exploit and will likely issue a patch with the next software update.
