News 

The vulnerability relies on the one physical button on the front of the phone, the Home button, being configured to access Favorites when double-clicked.

When an iPhone is password protected it is always possible to make emergency calls by tapping the relevant icon on the password entry screen. But with the Home button set to Favorites, tapping the emergency call icon, then double-clicking the Home button brings up the list of contacts that have been tagged as Favorites.

From there, you can tap the arrow next to a contact’s name, giving access to email and thence to all the phone’s features, according to the flaw’s discoverer.

The problem does not occur if the Home button double-click is set to the Home or iPod options in the iPhone’s General settings.

The vulnerability has been reported in iPhone software 2.0.1 as well as the latest 2.0.2 version.