A recently discovered Android security flaw allows users to bypass the lock screen on most version of Android Lollipop. This vulnerability exists in Android 5.x and allows an attacker to crash the lock screen and gain full access to a locked device, even if encryption is enabled on the device.

The technique bypasses the lock screen by crashing it with any large enough password. All you need to do is work with that text while the camera app is open, and then enter it into the password prompt.

The exploit does not work if either you are using a PIN code or a pattern unlock. Google has fixed this issue in the “LMY48M” Android 5.1.1 build released last week for the Nexus 4, 5, 6, 7, 9, and 10.

The flaw can be exploited by adding a large number of characters to the emergency call window and then copying them to the Android clipboard. The hacker then swipes open the camera from the locked phone, accesses the options menu, and pastes the characters into the resulting password prompt. Instead of returning an error message, vulnerable handsets unlock.

Here is a video demonstrating how to exploit the security flaw.

This threat is not serious considering the hacker need to have physical access to your smartphone, but it is not far off. While Android device makers are getting better about timely security fixes, you may be stuck with a hardware that gets its patch either late or not at all.

Vulnerable users who cannot get an update or do not want to wait for one to become available can switch to a PIN or pattern-based lock screen. Unfortunately, a research paper indicates both PIN and Pattern Lock method are very predictable. So affected users are forced to choose between a flawed unlock method or a predictable unlock method. While this is not the end of the world by any stretch, it is not exactly comforting.

Fortunately, only smartphones running Android 5 was affected making the number of affected handsets is only a small fraction of the overall Android user base.

Source: University of Texas