iOS 11 Bug Can Give Anyone Access to Your Photos

Advertisement
By Gadgets 360 Staff | Updated: 20 October 2017 17:41 IST
Highlights
  • There is a big flaw in iOS 11 that Apple hasn't patched yet
  • The flaw lets an attacker gain access to Photos folder on victim's iPhone
  • The vulnerability can only be exploited in a certain circumstance
iOS 11 Bug Can Give Anyone Access to Your Photos

A potential vulnerability found in the latest version of iOS mobile operating system can give anyone access to the Photos folder on your iPhone, according to a widely circulated video on YouTube.

The vulnerability, first reported by YouTube channel iDeviceHelp, affects iOS 11.0.3, the newest version of Apple's mobile operating system for general public, and iOS 11.1 beta, the preview version of the mobile operating system that Apple made available to developers this month.

According to iDeviceHelp, if an iPhone user has the target device in their possession and knows the device's phone number or Apple ID, then they could exploit what appears to be a bug in iOS to gain access to the photos saved on the victim's iPhone. We tried the exploit out on an iPhone 8 Plus running iOS 11.0.3, and were able to gain access to the Photos folder without entering a passcode, as claimed by the report.

So here is how it goes: the attacker gives the victim a FaceTime Audio call, but instead of accepting or rejecting the call, the attacker taps the "Message" button and selects the Custom option. Tapping on Custom option prompts the Message app to open, after which the attacker is required to randomly select three emoji characters.

Advertisement

Once done, the attacker hangs up the FaceTime call, and taps the Home button to trigger Siri and ask it to open Settings. At this point, Siri will ask the attacker to unlock the victim's iPhone. iDeviceHelp notes that the attacker now needs to press the power button to put the phone in sleep mode.

When this has been done, the attacker needs to make another FaceTime Audio call from their iOS device to the victim's handset. Once the victim's device gets the call notification, they need to tap the Message button again and then select "Custom" setting.

Advertisement

At this point, iDeviceHelp notes, that the attacker will find that they have complete access to Message app, and they can open the Photos folder and select and send any images from the victim's device.

Until Apple works on fixing the patch, a user could potentially try to disable Siri access from lock screen as a stop-gap solution to prevent anyone from accessing their device's data. As we mentioned, both the attacker and victim need to be using an Apple device, as the exploit requires the outgoing message to be an iMessage, and not a regular SMS.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Tecno Pova 7 5G, Pova 7 Pro 5G Launched in India: Price, Availability
  2. Here's How Much the Vivo X Fold 5 and Vivo X200 FE Might Cost in India
  3. OTT Releases This Week: Kaalidhar Laapata, Thug Life, The Good Wife, and More
  4. Dolby Cinema Debuts in Pune With 4K Laser Projection, Dolby Audio
  5. Apple Plans to Launch M5-Powered MacBook Pro This Year: Report
  6. NxtQuantum Arrives as Made in India Mobile OS, to Debut on Its AI+ Phones
  7. YouTube Targets Repetitive Videos in New Monetisation Update
  8. Telegram Rolls Out Checklists, Suggested Posts and New Features in Channels
  9. The Good Wife OTT Release Date: When and Where to Watch it Online?
  10. Google to Offer $100 Cash or $150 Store Credit for Pixel 6a Trade-Ins
  1. Baidu’s MuseStreamer AI Video Generation Model Takes on Google’s Veo 3 With Native Audio Support: Report
  2. Chinese Sales of Foreign Phone Makers, Including Apple's iPhone, Drop 9.7 Percent in May
  3. Huawei Watch Fit 4, Watch Fit 4 Pro Launched in India With In-Built GPS, Up to 10 Days of Battery Life
  4. YouTube to Revise Monetisation Policy to Target Mass-Produced and Repetitive Content
  5. Google Pixel Buds 2a and Pixel Wireless Charger Tipped to Launch Alongside Pixel 10 Series
  6. Telegram Rolls Out Checklists, Suggested Posts and Monetisation Tools in Channels
  7. EA Is Shutting Down BioWare's Anthem Next Year
  8. NxtQuantum Announced as India’s Home-Grown Mobile Operating System, to Debut on AI+ Pulse and Nova 5G
  9. Tecno Pova 7 5G, Pova 7 Pro 5G Launched in India With MediaTek Dimensity 7300 Ultimate SoC
  10. Google Pixel 6a Owners Eligible for $100 Cash or $150 Store Credit Under Battery Performance Programme
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.