ANDROID owners have been warned to update their smartphones immediately after an expert stumbled upon a potentially dangerous vulnerability.
Bug hunter David Schütz says he was able to bypass the lock screen on his Google Pixel devices with a few simple steps anyone can do.
He found it by accident when his Pixel 6’s battery was running low after 24 hours of travel.
It’s not clear if the same issue affects all Android devices, but it’s serious enough for OS owner Google to release an update that fixes it.
The bug can only be performed if someone physically has your phone, but it’s still a huge risk if thieves get their hands on it or even get into the hands of an abusive partner.
Corresponding Protectionthe strange error has everything to do with changing SIM cards.
First, you would have to intentionally enter three false fingerprint scans, temporarily disabling the biometrics.
At this point, a hacker can remove the SIM card and put their own in the phone.
You enter three incorrect PIN attempts, and then you’re prompted to enter a PUK (Personal Unblocking Key) code for the SIM card.
Once that’s done, you can enter any old PIN and gain access to the device.
“That was disturbingly strange,” he said.
“My hands started shaking at that point.”
The expert even tested it on a recent Pixel 5 to make sure it wasn’t an isolated case and he could still pull it off.
Schütz immediately notified Google, but it took about three months for a fix to be rolled out.
Apparently someone else had reported it before him, but the tech giant still paid Schütz $70,000 for his efforts.
“Although this error started as not too much experience for me, the hacker, after I’d ‘yelled’ loud enough, they noticed and were keen to correct what went wrong,” he said.
“Hopefully they treated the original reporter(s) fairly too. Ultimately, I think Google did pretty well, although the deadline still felt long to me.”
A patch for the bug — officially known as CVE-2022-20465 — was included in the November 5, 2022 security update.
Updates should be automatically enabled, in this case your device is safe.
If you have turned them off, you should download and install the latest update as soon as possible.
The best tips and hacks for phones and gadgets
Looking for tips and hacks for your phone? Want to find these secret features in social media apps? We’ve got you covered…
Get the latest news about WhatsApp, Instagram, Facebook and other tech gadgets here.
We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at email@example.com
https://www.thesun.ie/tech/9727531/android-lock-screen-bypass-flaw/ Millions of Android owners have warned that anyone can bypass your lock screen – update your phone now