Apple to release iOS 6.1.2 to address passcode vulnerability by February 20 -report

Posted:
in iPhone edited January 2014
Apple is already working on an update to iOS 6 to address a dangerous passcode vulnerability discovered earlier in the week, with one report claiming that the company anticipated issuing the update as early as next week.





German blog iFun published the latest information on the fix Friday, saying that iOS 6.1.2 will arrive early next week, and likely before February 20. iFun accurately predicted the launch of iOS 6.1.1, relying on the same sources that tell them 6.1.2 is on the way.

News of the lockscreen exploit hit the Internet Wednesday. Using the bypass method, one can view and modify an iPhone owner's contacts, listen to voicemail, and browse through their photos. The exploit does not, though, appear to grant access to email or the web.

Apple on Thursday acknowledged the vulnerability. The company, representatives said to the media, is hard at work on a patch, though they provided no hard details on when users could expect one.
«1

Comments

  • Reply 1 of 26
    blastdoorblastdoor Posts: 1,961member


    Ugh. Shouldn't have gone out with this bug. Doesn't speak well to Apple's QA process. This usage case is too common not to undergo testing. Somebody should get smacked for this.   

  • Reply 2 of 26

    Quote:

    Originally Posted by Blastdoor View Post


    Ugh. Shouldn't have gone out with this bug. Doesn't speak well to Apple's QA process. This usage case is too common not to undergo testing. Somebody should get smacked for this.   



    Have you read the article? the things you have to do to reproduce this so called "bug" are insane.  Apple of course has to jump on it to keep the media circus at bay.

  • Reply 3 of 26

    Quote:

    Originally Posted by Blastdoor View Post


    Ugh. Shouldn't have gone out with this bug. Doesn't speak well to Apple's QA process. This usage case is too common not to undergo testing. Somebody should get smacked for this.   



     


    "This usage case is too common". You really need to put a "/s" or a "¡" so people know you are joking. Your comment is obviously sarcasm.

  • Reply 4 of 26


    Looking forward to iOS 6.1.3.

  • Reply 5 of 26

    Quote:

    Originally Posted by Blastdoor View Post


    Ugh. Shouldn't have gone out with this bug. Doesn't speak well to Apple's QA process. This usage case is too common not to undergo testing. Somebody should get smacked for this.   



     


    "This would never happen if Steve were alive..."


     


    "Now we know what happened to the MobileMe team..."


     


    "Tim Cook is failing, there's been no innovation since he took over..."


     


    "This is the beginning of the end for Apple..."


     


    "It's the 1980s all over again..."


     


    "iOS isn't exciting..."


     


    "I love Apple, but it seems like they're making more mistakes..."


     


    /s

  • Reply 6 of 26

    Quote:

    Originally Posted by Slicksim View Post


    Have you read the article? the things you have to do to reproduce this so called "bug" are insane.  



     


    Not really. Clearly it would be difficult to find if you were unaware of the bug, but once you know the procedure (e.g. when it's all over the internet) it's fairly easy to exploit.

  • Reply 7 of 26


    I hope the Exchange issue is resolved as well. Not going to point fingers here. Just want this to be fixed.


     


    Apple says: http://support.apple.com/kb/TS4532


    Microsoft says: http://support.microsoft.com/kb/2814847

  • Reply 8 of 26


    Originally Posted by Euphonious View Post

    Not really. Clearly it would be difficult to find if you were unaware of the bug, but once you know the procedure (e.g. when it's all over the internet) it's fairly easy to exploit.


     


    See, that wasn't the point. He's claiming it's Apple's fault, when there is no reasonable expectation for them to ever have known about something like this.

  • Reply 9 of 26
    gazoobeegazoobee Posts: 3,754member
    A five day turnaround on a bug that isn't even a serious security issue is absolutely amazing. Nothing to criticise here at all.

    Conspiracy theory:
    Someone at Apple discovered this bug a while ago and kept it on hold until the jailbreak came out. This way Apple can release a fix for both and no one can say that Apple turned off the jailbreak on purpose because they have a perfect cover for the releasing an early fix. :)
  • Reply 10 of 26
    blastdoor wrote: »
    Ugh. Shouldn't have gone out with this bug. Doesn't speak well to Apple's QA process. This usage case is too common not to undergo testing. Somebody should get smacked for this.   


    This should be fixed no doubt but i wouldn't say this is even a remotely common use case. You have to execute a fairly large number of steps in a proper sequence to even have a chance of this happening. Plus someone would have to have physical access to your phone and have the knowledge to even attempt this. It is a vulnerability that is being addressed, but I doubt that anyone was adversely effected by this. At least until these tech sites and that idiot on You Tube showed everyone how to do this
  • Reply 11 of 26
    gazoobeegazoobee Posts: 3,754member

    Quote:

    Originally Posted by Tallest Skil View Post


     


    See, that wasn't the point. He's claiming it's Apple's fault, when there is no reasonable expectation for them to ever have known about something like this.



     


    I've heard that Apple was directly responsible for the Russian bolide this morning also.  image

  • Reply 12 of 26
    gatorguygatorguy Posts: 21,238member


    Another iOS6 oversight got more attention in the past few days, this one affecting teachers, schools or similar organizations trying to prevent users of Apple devices from installing unapproved content. 


     


  • Reply 13 of 26
    gazoobeegazoobee Posts: 3,754member

    Quote:

    Originally Posted by Gatorguy View Post


    Another iOS6 oversight popped up in the past few days, this one affecting teachers, schools or similar organizations trying to prevent users of Apple devices from installing unapproved content. 


     




     


    Interesting but I don't see this a s a big deal.  It's only a problem if you are locking down the devices with corporate level security which is not common in Educational Institutions.  


     


    It's far more likely that Educational users want managed devices, but still want the ability to install personal apps than it is to have an Educational user that want's to lock everythign down like Fort Knox.  Also, if they are managed devices, the content should be controlled through syncing and profiles.  The users shouldn't need access to the store for anything other than personal purchases so disallowing the store is actually a very good, albeit temporary, solution.  

  • Reply 14 of 26
    slurpyslurpy Posts: 5,187member

    Quote:

    Originally Posted by Euphonious View Post


     


    Not really. Clearly it would be difficult to find if you were unaware of the bug, but once you know the procedure (e.g. when it's all over the internet) it's fairly easy to exploit.



     


    And this is the fault of who, exactly? Click-whoring tech blogs who fell over themselves to publish the instructions and splash the headlines all over the place. It's irresponsible, but noone gives a shit about that anymore. It's a bug that one would never, ever discover by accident, requires physical access to your phone from someone who's taken the time to read how to accomplish it, and with malicious intent. Which is why Apple can be excused for letting it slip through- but these websites that published the instructions to the entire world shouldn't be excused for their irresponsibilty. 

  • Reply 15 of 26
    If you do the steps slowly it takes about a minute to do, not hard at all if you know what you are doing and there are not that many steps.
  • Reply 16 of 26


    Originally Posted by Gazoobee View Post

    I've heard that Apple was directly responsible for the Russian bolide this morning also.  image


     


    What are the odds of this wholly unrelated event happening in such close proximity to 2012 DA14? It's astonishing!


     


    I imagine they're… astronomical…

  • Reply 17 of 26
    blastdoorblastdoor Posts: 1,961member

    Quote:

    Originally Posted by Slicksim View Post


    Have you read the article? the things you have to do to reproduce this so called "bug" are insane.  Apple of course has to jump on it to keep the media circus at bay.



     


    Umm.... sort of. Basically I'm a total idiot. I had multiple windows open and thought I was commenting on the Exchange bug. That's the thing that should have been caught. 


     


    It is pretty weird that apple keeps having problems with getting through the passcode, though. It's not a problem of QA, but a problem of design. 

  • Reply 18 of 26
    macrulezmacrulez Posts: 2,455member


    deleted

  • Reply 19 of 26
    It should be possible to roll back. I'm losing 1% / 3min with 6.1.1 :(
  • Reply 20 of 26


    Does anyone know how this exploit/bug was discovered? Given the number of steps it seems unlikely that it was by chance

Sign In or Register to comment.