Android Lock Screens Can Easily Be Bypassed With New Exploit: Report

Advertisement
By NDTV Correspondent | Updated: 16 September 2015 20:33 IST

A new report by the University of Texas, Austin, has revealed an easy exploit hackers can use to bypass the lock screen of Android devices. The trick works on handsets running any OS version between Android 5.0 to Android 5.1.1 (but not the latest LMY48M build) with a password-based lock, even if encryption is enabled on the device. Google's latest Android distribution numbers peg the affected handsets at 21 percent of all active Android devices.

According to the study, hackers would first have to swipe left from the handset lock screen to open the camera app and access the 'Settings' page from the notifications panel. On tapping the Settings icon, the hacker would see the smartphone asking users to insert a password. The hacker can then dump a sufficiently long string of characters in the field, and as a result, the handset will crash to the home screen. "At this point arbitrary applications can be run or adb developer access can be enabled to gain full access to the device and expose any data contained therein," the report adds.

Advertisement

There are a few ways hackers could copy a large string of characters into the Android clipboard, and then paste it into the password prompt. The University of Texas study uses the emergency dialling field, and creates a long list of characters by copy-pasting a small sequence multiple times. The resultant long string can then be copied and pasted on the password prompt.

Fortunately, Google has addressed the particular vulnerability and last week started rolling out a fix as a part of its monthly Android security update with build number 'LMY48M', which featured several other fixes including for the Stagefright vulnerability. The fix for "Elevation of Privilege Vulnerability in Lockscreen (CVE-2015-3860)" has started rolling out to Nexus 4, Nexus 5, Nexus 6, Nexus 7, Nexus 9 and Nexus 10. However, it can take weeks or even months for the update to reach all the vulnerable Android devices. For those who want an immediate solution, they can switch to a PIN or pattern-based lock screen.

Advertisement

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo X500 Camera Details Surface Online After X500 Pro Max Leaks
  2. Here's Our First Look of the Nothing Phone 4b 'RCB Edition' Variant
  3. Flipkart GOAT Sale: Top Early Deals on Smartphones, Tablets and More
  4. iPhone 18 Pro Max Might Arrive With Apple's Biggest Battery Yet
  5. DJI Mic Mini 2S Launched With 32-Bit Float Recording, AI Noise Cancellation
  6. Amazon Prime Day Sale: Early Deals on Smartphones From Top Brands Revealed
  7. Garmin Forerunner 70, Forerunner 170, Forerunner 170 Music Debut in India
  8. Huawei Band 11 Series Over 100 Workout Modes Debuts in India: See Price
  9. Amazon Prime Day 2026: Early Deals on Galaxy S25 Ultra, OnePlus 13 and More
  1. Sony Reportedly Restructures Disc Factory After Announcing End of Physical Game Discs on PlayStation
  2. Redmi 17 5G NCC, SIRIM Certification Listings Reportedly Reveal Battery and Charging Details
  3. Samsung Galaxy S27, Galaxy S27+ Said to Feature 'Privacy Display'; Ultra Model Might Get Selfie Camera Upgrade
  4. Asus Vivobook 15 (2026) With Intel Core 5 Series 3 CPU Launched in India: Price, Features
  5. Bitcoin Climbs Above $61,600 as Weak US Jobs Data Boosts Crypto Investor Sentiment
  6. iPhone 18 Pro Max Might Arrive With Apple's Biggest Smartphone Battery to Date, Latest Leak Suggests
  7. Vivo X500 Camera Specifications Leaked; 64-Megapixel Periscope Telephoto Camera Tipped
  8. Lenovo Legion Y700 AI Tablet Confirmed to Launch in August; Company Teases Gaming Tablet's Design
  9. iPhone 18 Pro to Feature Apple's C2 Modem Globally, Qualcomm Chip in the US: Report
  10. Xbox Will Reportedly Allow Users to Digitise Physical Games, Ship Project Helix Without Disc Drive
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.