14 DAY TRIAL // Several days ago, we reported on a security flaw discovered on Sony’s Xperia Z smartphone, one that could allow users to access all data on the device even without unlocking it, but it seems that a fix for it has already been found.
Coming from Bkav, the company that also managed to patch a similar security flaw discovered in Samsung’s Galaxy S III, the fix has already been included in the free version of the Bkav Mobile Security, and is available for download through the Google Play Store now.
The lockscreen bypass, found by Scott Reed, took advantage of an issue with the emergency call window, which enabled users to gain full access to the smartphone through entering the *#*#7378423#*#* code and accessing the Service menu.
There, one would simply need to go to Service tests, select NFC and hit NFC Diag Test. When pressing the home button, users were brought to the phone’s home screen, thus gaining access to all files on the device, without having to unlock it.
“This flaw on Xperia Z shares the same nature with Samsung lock screen bypass flaw on which Bkav has a detailed analysis,” the company announced.
“Bkav has analyzed and found out that Sony engineers have also made logical mistake on programming emergency call app, allowing users to access a menu inside the phone from lockscreen. It means a normal app (in this case the Service menu) is allowed to run even when the phone has been locked.”
The company explains that its solution blocks access to a menu inside the phone from the lockscreen, as detailed in the video below.
Using the front camera of the smartphone, Bkav Mobile Security will capture an image of the user trying to access the device upon detecting signs of intrusion attempts, and will also email the photo to the device’s owner.
Sony has yet to provide an official fix for this issue. In the meantime, however, Xperia Z users concerned about their privacy can now install Bkav’s software to protect their phones.
