Apple has fixed a lock screen flaw that was present in all versions of iOS 9 and allowed someone to bypass the passcode lock screen to access contacts and photos. The fix has been made on the server side, so you don’t need to install an update.
A series of YouTube videos surfaced earlier this week to demonstrate the flaw, which used Siri and 3D Touch on iOS 9 through iOS 9.3.1. The break-in process took just a minute to execute, and it provided full access to contacts lists and the Photos app.
Even though it was just the iPhone 6s and iPhone 6s Plus that was affected by this, it was still a major security flaw that needed fixing quickly. Fortunately, Apple recognized this, and it was able to implement a fix on its own end that patches up the hole.
You won’t see a software update on your iPhone, then, but if you try the break-in trick today, it won’t work. As soon as you attempt to search Twitter using Siri, your iPhone will ask you for your passcode, which ensures only you can proceed.