Bradley Williams, a security researcher has discovered a vulnerability in iOS 7 that can allow the disabling of ” Find My iPhone” without having to enter a password. This new vulnerability allows someone who has access to your i-phone to quickly disable “Find My iPhone” service, which is used to track the location of all registered iOS devices. iCloud’s protective service will not be able to locate once this service is disabled.
After the service is disabled, the bad guy can also to switch the phone to another iCloud account, gaining the ability to remotely install apps potentially stealing any data from the device.In a normal instance, user needs a password to deactivate Find My iPhone. Hackers have displayed that they can bypass that security step without having to guess, steal or even bypass your Apple ID password.
A video was demonstrated how by adjusting the Apple ID and password fields in the iOS settings, how the Find My iPhone service can be turned off :
This vulnerability may not pose a major threat because the hacker must have physical access to the device and the device must not have passcode or fingerprint enabled.
