Apple rolled out its iOS 9.0.2 update to the public on Wednesday, but one thing its release notes did not tell us is that the update fixed a major lock screen security flaw that allowed access to our devices without a passcode.
Discovered back in September, the flaw allowed anyone to access the contacts and photos stored on an iOS device protected by a passcode and Touch ID without actually unlocking it. The simple trick required you to enter the passcode incorrectly several times, then invoke Siri.
The problem only affected iOS devices with four- or six-digit passcodes, and it could be eliminated by disabling Siri at the lock screen. But it was still a concern, and the flaw was present in both the initial release of iOS 9, and the more recent iOS 9.0.1 update.
Thankfully, it’s not present in iOS 9.0.2. Although Apple’s release notes do not mention it, the flaw is fixed in the update that was rolled out this week. If the other fixes and improvements weren’t enough to convince you to update already, then, perhaps this will.
You can update your iOS device either by plugging it into iTunes, or going to the Software Update section inside the Settings app.