Russian software company Elcomsoft said it has discovered an iOS 10 security flaw that could put many iPhone users at risk. Elcomsoft classified the security flaw as "severe," noting the issue affects the iOS 10 backup protection mechanism.
The company stated the iOS 10 backup protection mechanism "skips certain security checks," making it easier for hackers to access password-protected backups than past iOS releases.
"We discovered a major security flaw in the iOS 10 backup protection mechanism," Elcomsoft wrote in a blog post. "This security flaw allowed us developing a new attack that is able to bypass certain security checks when enumerating passwords protecting local (iTunes) backups made by iOS 10 devices."
Elcomsoft also noted that the security flaw enables hackers to access password-protected backups created by iOS 10 "approximately 2500 times faster compared to the old mechanism used in iOS 9 and older."
iOS 10 Security Flaw Allows Brute Forcing iTunes Backup Password ‘Approximately 2500 Times Faster’ https://t.co/WXUvoSl3dD— iPhone Hacks (@iPhoneHackx) September 25, 2016
Although iOS 10 has been available for only a few weeks, some iOS users anticipated that there would be security problems with the operating system.
Just installed iOS 10. I eagerly anticipate the first panicked patch after a critical security flaw is exploited!— East Bay Ry (@EastBayRy) September 14, 2016
Meanwhile, many iOS users have questioned how the security flaw will be resolved.
"It might be best to wait for an updated version of iOS before you back your phone up."— Daniel Jalkut (@danielpunkass) September 26, 2016
Funny security advice.https://t.co/0AvmOwIEfL
Numerous questions were raised about who may have already been affected by the security flaw as well.