Wednesday, March 15, 2017

Microsoft Ignores Windows 10 Mobile Security Bug for Another Month

Windows phones aren't exactly a top Microsoft priority these days, despite the promise that 2017 would bring several "cool things" to mobile users, but as far as security is concerned, there's no doubt that the software giant has no reason to ignore it regardless of platform.

And yet, this is happening, as Microsoft is yet to patch a security vulnerability in Windows 10 Mobile that allows hackers to bypass the passcode and get access to the photo gallery.

As Neowin noticed, the most recent Windows 10 cumulative update, which is also available for mobile devices, does not bring any patch for the lock screen bug, leaving Windows 10 Mobile devices exposed should anyone want to get unauthorized access to the photo gallery.

The first time we reported about this security bug in Windows 10 Mobile was on February 14, but given the fact that Microsoft delayed last month's Patch Tuesday, a fix was expected in March. Without a patch included in this month's rollout, however, the next target appears to be April 11, when Microsoft is projected to ship new security updates to Windows devices.

Waiting for the Creators Update?

It's also believed that Microsoft could wait until the debut of the Creators Update to patch the vulnerability, though that means that smartphones could be left exposed for even longer than expected.

Windows 10 PCs are likely to get the Creators Update as soon as April 11, but Microsoft told us that smartphones won't be included in the initial rollout and are projected to receive the new OS version shortly after that. Therefore, if Microsoft doesn't fix the lock screen bug on the next Patch Tuesday, mobile users would have to wait even longer for an update.

On the good side, exploiting this security bug involves having physical access to the phone, so you should be safe if you always keep an eye on the device. Furthermore, other than accessing the photo gallery, no security risks are involved.


Source: Microsoft Ignores Windows 10 Mobile Security Bug for Another Month

No comments:

Post a Comment