Apple confirmed that the exploit Rodriguez identified would be fixed in the next version of the operating system, iOS 13.1, which is due to be released on 24 September.

By Ian Horswill


Posted on September 20, 2019

A flaw in iOS 13, the new iPhone operating system Apple released on Thursday (US time) for the iPhone 11 release, exposes contact details stored in iPhones without requiring a passcode or biometric identification.

A hacker would need physical access to a target’s phone to finish the hack. Once the iPhone with the iOS 13 operating system is in their possession they would be able to bypass Apple’s standard security features like facial ID and access the iPhone user’s address book and see the contacts stored on the iPhone. They can also find the information on the most recent contacts with whom the phone user has been communicating with.

The new iPhone 11, iPhone 11 Pro and iPhone 11 Pro Max are released on 20 September and have the iOS13 operating system pre-installed. The iPhone 11 will cost US$699; the iPhone 11 Pro US$999, and the iPhone 11 US $1,099. Apple is promoting trade-ins of previous models to lower the cost.

ios_13_tim_cook_apple_tv_launch.jpg

Jose Rodriguez, of the Canary Islands, contacted Apple on 3 July suggesting that he had found a “passcode bypass” on the iOS 13 operating system, CNN Business reported.

Apple contacted him immediately and Rodriguez showed Apple about vulnerability of the iOS 13 operating system on a beta version of the software, he said.

Rodriguez provided copies of the emails and phone records of his correspondences with Apple to CNN Business.

Rodriguez went public with his findings, posing how he could hack the iPhone on YouTube, and CNN Business was able to replicate the exploit on Tuesday on iPhones that had updated to the official version of iOS 13.

Apple confirmed that the exploit Rodriguez identified would be fixed in the next version of the operating system, iOS 13.1, which is due to be released on 24 September.

The company previously moved the release date for that update forward from 30 September. The company declined to say if the work of Rodriguez had prompted the early release.

A similar bug was also found in the iPhone 10.