Millions of Android owners warned anyone can bypass your lock screen – update your phone now

ANDROID owners have been warned to update their smartphones immediately after an expert stumbled across a potentially dangerous security glitch.

Bug hunter David Schütz says he was able to bypass the lock screen on his Google Pixel devices with a few simple steps that anyone can do.

1

He found it by accident when the battery on his Pixel 6 had almost ran out after 24 hours of travelling.

It's not clear whether the same issue affects all Android devices, but it's serious enough for operating system owner Google to push out an update that fixes it.

The flaw can only be carried out when someone physically has your phone but it's still a massive risk if thieves get hold of it or even at the hands of an abusive partner.

According to , the weird bug is all to do with switching SIM cards.

Read More on The Sun

MAE-BY BABY

Pregnant Molly Mae reveals her and Tommy Fury's baby boy name

DOUBLE YOUR MONEY

Squeezed Brits in line for up to £1,100 boost under Sunak Budget plan

First you would need to deliberately put in three incorrect fingerprint scans, which temporarily disables the biometric features.

At this point, a hacker can remove the SIM card and put their own into the phone.

They enter three incorrect PIN attempts and are then asked to give a PUK (Personal Unblocking Key) code for the SIM.

Once this is done, you can enter any old PIN and you'll gain access to the device.

Most read in Tech

STAR WARS

'Mind-boggling' Chinese space weapons - from 'Death Star' to secret space plane

STARRY EYED

Northern Lights set for ‘once in a decade’ return to UK, reveals Met Office

MAKING A SPLASH

Vid catches elephant's surprise talent - and a cheeky prank by her zoo pal

UNSTOPPABLE DINO

World’s toughest dino had bulletproof armour, ‘best ever fossil’ reveals

"This was disturbingly weird," he said.

"My hands started to shake at this point.";

The expert even tested it on an up-to-date Pixel 5 to make sure it wasn't an isolated incident and he was still able to pull it off.

Schütz notified Google immediately but it took about three months until a fix was rolled out.

Apparently someone else had reported it before him but the tech giant still paid Schütz $70,000 for his efforts.

"Even though this bug started out as a not-too-great experience for me, the hacker, after I started “screaming” loudly enough, they noticed, and really wanted correct what went wrong," he said.

"Hopefully they treated the original reporter(s) fairly as well. In the end, I think Google did pretty well, although the fix timelime still felt long for me."

A patch for the flaw - officially known as CVE-2022-20465 - was included in the November 5, 2022 security update.

READ MORE SUN STORIES

SO STRONG

Heartbroken Phillip Schofield carries mum's casket at funeral

FIGHT OR FLIGHT

BA axing all flights from UK’s biggest airport to 2 destinations next year

Read more about Android

CALLING IT OUT

Chilling mobile discount scam nearly cost me thousands - watch out for it

You should have updates on automatically, in which case your device is safe.

If you have them switched off, you should download and install the latest update as soon as possible.

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered...

• How to delete your Instagram account
• What does pending mean on Snapchat?
• How to check if you've been blocked on WhatsApp
• How to drop a pin on Google Maps
• How can I change my Facebook password?
• How to go live on TikTok
• How to clear the cache on an iPhone
• What is NFT art?
• What is OnlyFans?
• What does Meta mean?

Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.

We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]