Wednesday 16 September 2015

Android Vulnerability Allows Attacker Bypass The Screen Lock




Researchers at the University of Texas have discovered a vulnerability in Android 5.x could allow an attacker with physical access to bypass the lock screen of the device, even if the encryption is enabled. By first turn on the camera app and then typing a large number of characters in the password field allows an attacker to crash the lock screen, so that the home screen is displayed.

It is then possible to start any application or access can be enabled via ADB, in order to gain full access to the device. To carry out the attack, an attacker must have physical access and the user must have enabled a password. In the case of a PIN code or lock pattern, the attack would not work. Google was on June 25 informed by the researchers. On September 9 released Android 5.1.1 build LMY48M where the problem is corrected.

This update was last week among Nexus devices from Google itself rolled, but it is unknown when users of other Android devices will receive the update. Google develops updates for Android and can roll under its own Nexus devices. In other cases, users are dependent on their manufacturer or network provider before they get the update. A process that can sometimes take weeks or months.

No comments:

Post a Comment