Anyone Can Access Your Photos on Windows 10 Mobile Without a PIN Thanks to a Lockscreen Bug

Author Photo
Feb 13, 2017
16Shares
Submit

A lock screen bug has been discovered in Windows 10 Mobile that exposes user photos to anyone. The bug that appears to affect both the Production and Insider builds was first discovered by @wallace_cane and was reported by the Brazilian site Windows Team.

Windows 10 Mobile lock screen bug exposes your photos

While it was assumed that the Windows 10 Mobile security bug affects only those in the Insider program, it works on the production ring too. Wallace spotted this bug on a Lumia 930 running Windows 10 Anniversary Update. The bug allows anyone to see pictures in your camera roll without knowing your PIN code.

Related OnePlus 5 Case Renders Show Vertical Rear Dual Camera, Oval Fingerprint Sensor; No Details On Overall Design

Here’s how the Windows 10 Mobile PIN workaround works:

  1. With the device locked, take any photo.
  2. Now, using Preview Thumbnail in the lower left corner, tap to preview the image you just captured.
  3. Delete the image.
  4. Tap the Back button to return to the Camera app.
  5. Again tap on the Preview Thumbnail, which still shows the recently deleted photo in the thumbnail.
  6. However, instead of the picture, you will be shown a black screen.
  7. Press the Back button yet again and use the Preview Thumbnail for the third time.
  8. Instead of the deleted photo or a black screen, you should now be able to preview all the photos and videos in the camera roll without the need of a PIN code.

In the Feedback Hub, the issue is marked as “We’ve got it.” The folks at Neowin have also confirmed that the bug appears to be fixed in the latest preview builds in Slow and Fast rings of the Insider program. An Insider Program member said that in the latest Creators Update Preview build, the Windows Camera app no longer shows the Preview Thumbnail once you delete the last taken picture.

Related [UPDATE: Affected Devices Now Getting Whitelisted] Google Reportedly Blacklisting Pixel Phones Purchased Through Project Fi

It appears that the workaround will no longer work with Windows 10 Mobile Creators Update. However, it isn’t immediately clear if Microsoft will send a patch to fix it sooner with an upcoming cumulative update.

Submit