Samsung to issue Galaxy S3 lock screen bypass fix 'shortly' as Lookout releases fix

In the absence of a security fix for an easy Samsung Galaxy S3 lock screen bypass, security app Lookout has added a feature that prevents an attacker exploiting it.
Written by Liam Tung, Contributing Writer

The makers of a popular Android security app have released a fix for the recent Galaxy S3 lock screen bypass bug, with Samsung expected to issue its own update for the flaw "shortly."

The fix from Android security app maker Lookout can be used, via the app, to close off an attack that exploits a flaw discovered last week affecting Samsung's flagship Galaxy S3 running Android 4.1.2.

The bug allows an attacker in possession of the phone to bypass the passcode-secured lock screen. The bug can be exposed by cancelling an emergency call and hitting the power button on a locked device, giving access to data and apps on the device.

Samsung did not respond to ZDNet's request for comment at the time and the company is yet to confirm or deny whether it considers the issue a vulnerability.

However Lookout, which is installed on 30 million Android handsets, says Samsung will issue an update shortly.

"An official device patch is expected from Samsung shortly, and we recommend that users update their devices as soon as the patch is released," the company said on its blog.

ZDNet has asked Samsung again today for its assessment of the issue but had not heard back at the time of writing.

Lookout's fix was released on Monday on Google Play and is for Samsung Galaxy S3, Note II and S3 Mini.

The patch does not resolve the issue with Samsung's phones and is actually an update to the Lookout app, which now includes a feature that forces the emergency contact dialer to the forefront if it detects it's been pushed to the background.

"Lookout users are also protected if the phone is lost or stolen when using 'Lock' from Lookout's web app," it notes.

"When Lookout detects the emergency contact dialer has been backgrounded, we preemptively bring it back to the forefront so that the rest of the phone cannot be accessed."

Editorial standards