IoS 7 Vulnerability Allows ‘FIND MY IPHONE’ Security Feature to be Disabled without password


Warning: Illegal string offset 'filter' in /home/crypton1/public_html/mobilesecuritythreat.com/wp-includes/taxonomy.php on line 1409

Bradley Williams, a security researcher has discovered a vulnerability in iOS 7 that can allow the disabling of ” Find My iPhone” without having to enter a password. This new vulnerability  allows someone who has access to your i-phone to quickly disable  “Find My iPhone” service, which is used to track the location of all registered iOS devices. iCloud’s protective service will not be able to locate once this service is disabled.

After the service is disabled, the bad guy can also to switch the phone to another iCloud account, gaining the ability to remotely install apps potentially stealing any data from the device.In a normal instance, user needs a password  to deactivate Find My iPhone.  Hackers have displayed that they can bypass that security step without having to guess, steal or even bypass your Apple ID password.

A video was demonstrated how by adjusting the Apple ID and password fields in the iOS settings, how the Find My iPhone service can be turned off :

This vulnerability may not pose a major threat because the hacker must have physical access to the device and the device must not have passcode or fingerprint enabled.

Share Button

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>