There seems to be a new bug making the rounds for people that are running Windows 10 Mobile on their Lumia smartphones. It has been reported that a lock screen exploit can give anyone with physical access to your smartphone the ability to snoop on just about any picture that is stored on your device.
A member of the Windows Insider Brazil community is credited with discovering the exploit, which can bypass the PIN-based security on your smartphone. The first step is to open the camera app on a locked device (this functionality must have already been enabled in Settings). Once you snap a picture, you’ll see a preview of the photo pop up in the lower left-hand side of the screen. Tap on the preview, then tap the trash can icon to delete the photo.
At this point you’ll need to press the Back button, which is where the fun starts. Once you press back, the “deleted” photo is still shown as a thumbnail in the bottom left-hand corner of the screen. Once you click on it this time, however, you’re taken to a black screen. You’ll need to press the Back button once more, and then tap on the preview for a third time which will then give you full access to the camera roll and any other phtos or videos stored on the device.
You can see the steps needed to reproduce this exploit in the video below:
We should once again mention that a person needs to have physical access to your Windows 10 Mobile device to pull off this “trick”. So, if you don’t want people seeing what transpired on your salacious Valentine’s Day escapades, you might want to keep your smartphone on you at all times (even when running down the hall in your workplace to make chit chat with your colleagues) until Microsoft can push out a fix to the release channel.