New Windows 10 Mobile vulnerability can allow hackers to bypass lockscreen and access the photo library

Still using Windows 10 Mobile? You might want to consider disabling Cortana on your lock screen as a newly discovered vulnerability will allow hackers to access your photo library using Cortana on Windows 10 Mobile. The good news is that the vulnerability affects only users who have Cortana enabled on the lock screen so you just need to disable it to make sure no one can access your photos.

Unfortunately, Microsoft won’t be patching the vulnerability and the company recommends users to disable Cortana on the Lock screen. To do that, you will need to follow the steps below:

  • Open the Cortana app from the applications screen.
  • Tap on the Menu button (3 horizontal bars) in the top left of the Cortana app.
  • Tap on Settings option.
  • Set the slider for the Lock Screen option to Off to prevent access to Cortana when the device is locked.

The vulnerability was discovered by the Israeli Institute of Technology and was reported to Microsoft in December of 2018. Microsoft decided not to fix the vulnerability because of the limited Windows 10 Mobile users and the physical access requirement to reproduce this issue. This is surprising since Windows 10 Mobile still hasn’t reached the End of Support but the workaround should keep you safe from the vulnerability. The reproduction steps already exist on the internet but we won’t link them here since it could be used as an exploit.