Apple has released iOS 9.0.2, a minor maintenance and security update to iOS 9 that includes fixes for a number of lingering problems, including a flaw that allows unscrupulous individuals to bypass the lockscreen by exploiting Siri to get to a user's photos and contacts.
The security flaw, which was first documented by YouTube user videosdebarraquito, was initially considered fake by some users. The video shows hackers who have physical access of an iPhone can bypass the lockscreen by entering four different passcodes into the lockscreen. On the fifth try, hackers enter the first three digits, hold down the home button to activate Siri, then enter the fourth passcode digit. With Siri now activated, anybody can access the user's photos and contacts even without passing through the lockscreen.
The complexities of executing the flaw led some users to believe it isn't real. That's because hackers have to be fast enough so they don't get locked out permanently. However, Apple considers the flaw a real threat to the security of its users, acknowledging that persons with "physical access to an iOS device may be able to access photos and contacts from the lockscreen." By "restricting options offered on a locked device," Apple has finally closed the security hole to prevent hackers from exploiting Siri.
iOS 9.0.2 also includes fixes for other minor problems, including a bug that messes with users' ability to turn on or off cellular data for specific apps, a problem that prevented some users from using iMessage, and an iCloud issue that interrupts an iCloud backup when a manual backup is started. The update also fixes a glitch that makes the screen rotate when receiving notifications and improves the stability of the Podcasts app.
iOS 9.0.2 arrives just a week after iOS 9.0.1, which failed to fix the lockscreen vulnerability. It is also likely the last minor update before Apple unleashes iOS 9.1 in the next few weeks. The first major update to the mobile OS will include a host of new, interesting features, such as always-on Siri and a new emoji pack.
Meanwhile, Apple has stopped signing code for iOS 9.0 and iOS 8.4.1, which means users who have already upgraded to iOS 9.0.1 or iOS 9.0.2 will no longer be able to go back to older versions of the OS.