Just over a month ago, we reported on a security vulnerability in Windows 10 Mobile that leaves your photos exposed to anyone that picks up your locked phone. In fact, you can try it out right now. Take a picture with your locked phone, delete it, go back, tap the thumbnail image (which will give you a blank screen), go back again, and tap the thumbnail image again. You now have access to the entire camera roll without ever unlocking the device.
But since February's Patch Tuesday was canceled, many assumed that such a serious security vulnerability would be fixed this month. It was not.
Windows 10 Mobile build 14393.953 was released to the Production ring today, and while there was a massive laundry list of fixes, very few - if any - applied to phones. In fact, the update is listed as having zero known issues, which shows that Microsoft either didn't know about the issue - which seems unlikely, given how widely covered it was; overlooked it; or simply ignored it.
Either way, your photos are still open to anyone that picks up your locked phone. When we tested it out, we found that the issue isn't present in the Creators Update Insider Preview builds, so if anything, this should get fixed next month when the feature update ships... assuming it actually ships to phones next month.
17 Comments - Add comment