The bug was revealed by several channels on YouTube. Siri is the channel by which it is achieved exploit the vulnerability.
iOS 9.3.1 , the update released last week, included the patch for bug this by clicking on links from Safari.However, the update also brought a bug even more dangerous than already listed several YouTube channels and information portals.
iOS 9.3.1 , the update released last week, included the patch for bug this by clicking on links from Safari.However, the update also brought a bug even more dangerous than already listed several YouTube channels and information portals.
Discovered by the site The Daily Dot , a video channel videosdebarraquito (which seems to be of Spanish origin), shows how, using Siri and making a query by voice on Twitter, you can access the pictures and the list of contacts stored on the device.
The vulnerability seems that only affects devices with 3D Touch, ie the iPhone 6S and iPhone 6S Plus.
To exploit the vulnerability, in the video shown as follows: first enter the wrong code (note that the device uses a four-digit code, not six); then invoke Siri and say "Hey Siri, searches Twitter". The user in the video says the words "frog, racket, ball", but in another video shows that this can work with any other word or search on Twitter.
To get results, you can simply press on any link and add the results to contacts. When trying to add to contacts, you can also access the pictures.The second video showing the vulnerability is in the channel EverythingApplePro .
Post a Comment