Ironically, a fairly simple exploit can be used to bypass the lockscreen on iOS 7 and gain access to photos already, but the bugs fixed in iOS 7 are, in cases, very serious. Some could be used as part of DOS attacks on devices, or even be used to execute arbitrary code which could potentially leave a device open to being taken over.
One flaw (CVE-2013-0957) could allow an attacker to break an app in the third party Sandbox and determine the user's passcode.
The update also fixed a widely reported flaw that allowed a modified charger to be used to hijack a device. Other bugs included s Safari bug that made previously-deleted history visible again and a memory corruption issue related to the handling of XML by the Apple browser.
For more information on the other bugs, check out this article by Chris Brook at ThreatPost.
Written by: James Delahunty @ 19 Sep 2013 22:18
