[Update: Fixed] Android M has a serious pattern lock security issue, a particular pattern lock can be unlocked in two different ways

  Update 2: Android 6.0 Marshmallow final release fixed this issue.
  Update: Reported this issue to Android security team. They said “Thanks for the report! This is a known issue, and has been fixed internally, as ANDROID-17751714.”

Check this commit for more details on the bug.

You’d be surprised to know that an operating system as mature as Android could have such a silly but quite serious lockscreen security issue. We just discovered a particular pattern lock on Android M developer preview release that can be unlocked with two different patterns.

Android M is a developer preview release so bugs/issues are to be expected, but a security issue with lockscreen is pretty serious, even for a developer preview release. Check out the video below to see it in action:

We discovered it on our Nexus 5 running Android M developer preview but we aren’t sure if it exists on Nexus 6, Nexus 9 and Nexus Player running the M preview release as well. If you’re running Android M on any of these devices, do let us know if the issue exists on your device also by setting a pattern lock as shown in the video & image above.

Posted by
Shivam Malani

Shivam is our resident designer and web developer who also enjoys writing. He loves to meditate, drive on the freeways and hunt for snipers during his Call Of Duty playtime. Email: [email protected]

6 Comments

  1. I reported this to the Android security team (like you have too, right?).

    Here’s what they said:

    Updates:
    Status: FutureRelease

    Comment #1 on issue 178470 by rig…@google.com: Android M Pattern Lock Security issue
    https://code.google.com/p/android/issues/detail?id=178470

    Thanks for the report! This is a known issue, and has been fixed internally, as ANDROID-17751714.

    1. Androiding Staff

      Yep, I did report this. They said the same thing.

    2. Just so you know, this issue is now fixed in Android 6.0 Marshmallow final release.

  2. I reported this to the Android security team (like you have too, right?).

    Here’s what they said:

    Updates:
    Status: FutureRelease

    Comment #1 on issue 178470 by rig…@google.com: Android M Pattern Lock Security issue
    https://code.google.com/p/android/issues/detail?id=178470

    Thanks for the report! This is a known issue, and has been fixed internally, as ANDROID-17751714.

    1. Androiding Staff

      Yep, I did report this. They said the same thing.

    2. Just so you know, this issue is now fixed in Android 6.0 Marshmallow final release.

Leave a Reply

Your email address will not be published. Required fields are marked *