Earlier in the month, Russian security firm Elcomsoft discovered a major security loophole in the recently released iOS 10 update, which compromised the iCloud backup data.
Taking cognizance of the report, Apple investigated the issue and it has now confirmed the existence of the vulnerability and promised to release the software patch soon.
Risk found in iOS 10:
Elcomsoft's Oleg Afonin claims that that iOS 10 has a weak protection system. The company's security experts were able to bypass security checks during iCloud backup procedure done through a PC or Mac.
"We discovered an alternative password verification mechanism added to iOS 10 backups. We looked into it, and found out that the new mechanism skips certain security checks, allowing us to try passwords approximately 2500 times faster compared to the old mechanism used in iOS 9 and older," Afonin said on his official blog.
As of now, there is no word on when exactly the new iOS update will be released, but until then, users are advised to change their password with a good mix of special characters to strengthen the security level.
Though Apple has released iOS 10.1 beta version to the developers, we believe the company might release an incremental iOS update v10.0.3 to fix security glitch in iCloud backup system, as it requires immediate attention.
"We're aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups," Forbes quoted Apple spokesperson as saying.
In a related development, Apple, a few days ago released iOS 10.0.2 to fix nagging EarPods lightning connectivity glitch.