The vulnerability, discovered by John Gordon, is easy to exploit: simply open the phone`s "Emergency Call" feature, type a few characters and the repeatedly copy-and-paste them. The pasted text becomes longer and longer — Gordon`s reaches over 160,000 characters — and, as such, harder for the phone to handle.
Next, open the camera app which causes the phone to ask for a password into which the 160,000 character string is pasted. After a few minutes the phone restarts, booting straight to the unlocked home screen.
Gordon told CNN Money that he informed Google in August and the company has released a patch, but many users could remain affected due to the lag in Android software updates.
This hack is the latest in a long line of vulnerabilities that appear in major operating systems, including a text message hack that affected Android which was discovered in July and a malware hack that affects iOS discovered in September.
More about:
