Galaxy Note II security flaw

A security flaw in the Samsung Galaxy Note allows unauthorised users to bypass the lock screen. The flaw was discovered by Terence Eden on the Galaxy Note II running Android 4.1.2 The security flaw can be demonstrated by doing the following :-

  1. Lock the device with a “secure” pattern, PIN, or password.
  2. Activate the screen.
  3. Press “Emergency Call”.
  4. Press the “ICE” button on the bottom left.
  5. Hold down the physical home key for a few seconds and then release.
  6. The phone’s home screen will be displayed – briefly.
  7. While the home screen is displayed, click on an app or a widget.
  8. The app or widget will launch.
  9. If the widget is “direct dial” the phone will start ringing.

Using the flaw, sensitive information such as contact information can be divulged.

 

Comments are closed.