Windows 10 Mobile Hole Allows Bypass

Tuesday, February 14, 2017 @ 05:02 PM gHale


A vulnerability in Windows 10 Mobile that allows anyone to bypass the security code and access the photo gallery.

The issue affects those running either production or preview builds shipped as part of the Windows Insider program.

RELATED STORIES
Trojan Hits Android Devices
Apple Patches Holes in Devices
Android RAT Looks Like Netflix App
Android Malware Purchases Apps on Sly

While at the moment it looks like the latest Windows 10 Mobile Redstone 2 preview builds are not affected by the flaw, Brazilian site WindowsTeam found the security bug that pretty much anyone can bypass the passcode of a Windows phone using just a few simple steps that eventually provide access to photos.

To exploit the bug, all you have to do is open the camera while the device is still locked using the camera shortcut on the lock screen, take a photo and then open it using the little thumbnail in the left lower corner. Once you open the pic, delete it using the trash bin icon on the screen and press the back button on your device.

The thumbnail should turn black, so tap it just like you’d want to preview a photo. Press the back button once again and then attempt to open the picture one more time using the same black thumbnail. Once you do that for the third time, you should be able to swipe through the entire photo gallery that’s stored on the phone.

While the issue is not quite a major security flaw because it only exposes the stored photos and not other data, it’s still something Microsoft needs to take care of as soon as possible.

Microsoft is aware of the issue and it will end up eventually releasing a patch.



Leave a Reply

You must be logged in to post a comment.