- There is a big flaw in iOS 11 that Apple hasn’t patched yet
- The flaw lets an attacker gain access to Photos folder on victim’s iPhone
- The vulnerability can only be exploited in a certain circumstance
A potential vulnerability found in the latest version of iOS mobile operating system can give anyone access to the Photos folder on your iPhone, according to a widely circulated video on YouTube.
The vulnerability, first reported by YouTube channel iDeviceHelp, affects iOS 11.0.3, the newest version of Apple’s mobile operating system for general public, and iOS 11.1 beta, the preview version of the mobile operating system that Apple made available to developers this month.
According to iDeviceHelp, if an iPhone user has the target device in their possession and knows the device’s phone number or Apple ID, then they could exploit what appears to be a bug in iOS to gain access to the photos saved on the victim’s iPhone. We tried the exploit out on an iPhone 8 Plus running iOS 11.0.3, and were able to gain access to the Photos folder without entering a passcode, as claimed by the report.
So here is how it goes: the attacker gives the victim a FaceTime Audio call, but instead of accepting or rejecting the call, the attacker taps the “Message” button and selects the Custom option. Tapping on Custom option prompts the Message app to open, after which the attacker is required to randomly select three emoji characters.
Once done, the attacker hangs up the FaceTime call, and taps the Home button to trigger Siri and ask it to open Settings. At this point, Siri will ask the attacker to unlock the victim’s iPhone. iDeviceHelp notes that the attacker now needs to press the power button to put the phone in sleep mode.
When this has been done, the attacker needs to make another FaceTime Audio call from their iOS device to the victim’s handset. Once the victim’s device gets the call notification, they need to tap the Message button again and then select “Custom” setting.
At this point, iDeviceHelp notes, that the attacker will find that they have complete access to Message app, and they can open the Photos folder and select and send any images from the victim’s device.
Until Apple works on fixing the patch, a user could potentially try to disable Siri access from lock screen as a stop-gap solution to prevent anyone from accessing their device’s data. As we mentioned, both the attacker and victim need to be using an Apple device, as the exploit requires the outgoing message to be an iMessage, and not a regular SMS.