Mobile Security goes for a toss on Windows 10 Mobile Phones

Windows 10 Operating system based mobile phones are having a serious security flaw. And although the flaw seems small; it could turn into a major disaster if ignored.

The problem starts with the ā€˜Pin Set Upā€™ in the settings app for Windows 10 Mobile Sign-in. A user can easily remove the pin from the device without having to verify the current pin thatā€™s set via a Microsoft-linked email account verification. For instance, if you have a pin say ā€˜0000ā€™ and someone has got your phone access, then they can simply remove it without a confirmation from you. Thus, there is a high probability of them changing the password and locking down the phone on a permanent note.

This, however, isnā€™t the case when you try to change the pin in Android/iOS loaded mobile phones, as the user needs to input the old pin in order to change it further.

Whatā€™s more apprehensive in this issue is that most Windows 10 mobile phones allow users to use the same pin for their mobile wallet access. Imagine, if someone changes the pin and uses the new pin to gain access to the funds in your walletā€¦.?

As per our sources, this issue is impacting all users using Windows 10 Mobile OS version of 1511, 1607 and even the latest beta which is under preview.

Note- The percentage of users using Windows 10 loaded mobile phone is only 7% when compared to Android or iOS based phones. But in near future, as Microsoft is looking to revive the phone market for Nokia, the said security flaw can turn serious.

Hope, someone from Microsoft makes a note of this article and then comes up with a fix.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display