Apple introduced few more security measurers, besides the usual Passcode, to make the iPhone useless after it has be stolen or robbed in the latest iOS 7 version. Now the device asks you to enter password every time you want to disable the Find My iPhone and to deactivate the same Find My iPhone feature before restoring to new firmware. Moreover, new activation lock is also introduced which is attached with the Apple ID and password and which is required after every fresh restore. But a new bug is found in iOS 7.0.4 which allows the users to deactivate Find my iPhone without entering the password.
The only requirement of this bug to work is the access to settings app. So, if your device doesn’t have any passcode or TouchID enabled, it can be erased and wiped out of Google maps after disabling the Find my iPhone in the settings app by using few simple steps as shown in the video below.
Fortunately this bug is not found in iOS 7.1 when the same steps were replicated on the yet-to-be-released-firmware-for-public. iOS 7.1 is still in beta stage and recently Apple seeded the fifth beta of it to developers. So if you want to be on safe side, update your device to the latest firmware as soon as it is out. Till then, you are recommended to set a passcode or touchID.
This bug only disables Find My iPhone feature but doesn’t deactivate the activation lock. The device will still ask for associated Apple ID and password to be activated on the carrier.
When tested, both iPhone and iPad models were found susceptible to this new threat. After the finding of this bug, Apple would definitely try to release the new version as soon as possible. Now doubt Apple pays a lot of attention to security matters but even then one or two serious bugs are found in every release, after all no software is foolproof.