Android has taken another step to cement its place behind Java in the world of repeatedly-vulnerable software, with German group Curesec discovering that an attacker can get past users' PINs to unlock the phone.
In fact, the Curesec post states, the bug – present in Android 4.0 to 4.3 but not 4.4 – exposes any locking technique: PINs, passwords, gestures or facial recognition.
“The bug exists on the 'com.android.settings. ChooseLockGeneric class'. This class is used to allow the user to modify the type of lock mechanism the device should have,” Curesec writes.
No comments:
Post a Comment