Apple‘s iOS platform is typically touted for its heightened security when compared to other platforms such as Android. However, iOS has its share of vulnerabilities. The latest among these is a lockscreen passcode vulnerability which is present in iOS 7.1.1 devices.
Lockscreen is the primary bulwark of iOS security. This is where most attackers, intruders and hackers are stopped short of their attempts to break into your phone and access your data, in case they somehow are able to lay their hands on your iPhone. However, if they manage to bypass the lockscreen, that puts your iPhone data in imminent danger.
In the case of iOS 7.1.1, the lockscreen is vulnerable if you have enabled Control Center access on it. With this access, if you then get a missed call notification in the Notification Center, a possible intruder will be able to exploit that and gain access to whatever app is running on the phone, behind the lockscreen. This means that even with this bypass, the intruder will only be able to access one single app on the iPhone, but since it can be any app, the vulnerability puts your data at risk.
The video posted below shows a proof-of-concept version of the vulnerability. Typically, it takes Apple some time to register the discovery of such a new exploit and then roll out a security update to patch it. Meanwhile, what you can do to secure your handset is avoid using Control Center access on lockscreen.
You can end this access by going to the Control Center in Settings and disable Access on Lock Screen. Similarly, go to Notification Center in the Settings and disable Notifications View under Access on Lock Screen. This will ensure that until Apple takes care of the vulnerability, your handset is secure from the exploit.
Courtesy: Redmond Pie