Got password protection enabled on your Apple iPhone? Recently we’ve discovered there’s a real easy way for attackers to skip the password prompt screen and get access to your contacts, browse the Internet, read all your e-mails, and even make a calls. Luckily, there’s a fix/patch released for that security hole.

According to Ars Technica, posters on the MacRumors forums discovered the security hole, and it’s a pretty big one.

First, for those of you who don’t password-protect your Apple iPhones (and if you don’t, you should), here’s the security hole: The moment you wake-up your Apple iPhone, a numeric pad pops up, prompting you for a four-digit passcode—no password, no joy. There’s also an Emergency Call button that lets you call 911 in an emergency. Here comes the trick: You can access the password settings under Settings, General, Passlock Code; (You should typically set your Apple iPhone to require the passcoode after 15 minutes of inactivity).

Next, If you double-click the Home key while in the Emergency Call screen, the Apple iPhone will default to your Favorites menu. From there, an attacker could access your e-mail (it’s easy—just click a contact’s email address, click “Cancel” from the new message screen, and you’re good to go), browse the Internet(either through a contact’s URL, or through URLs found via Google Maps), and even make calls (just dial a contact’s number, then add a call—any call).

Reportedly, Apple already knows about the security hole and is working on a software fix. However, Ars Technica already has a simple tip for this: You just need to change the double-click preferences for the Apple iPhone Home button (Settings, General, Home Button) to “iPod” (attackers can watch you videos and listen to your tunes, but that’s all), or—even better—to “Home,” which simply brings the Apple iPhone back to the password prompt screen.

So, what do you think of this?