Skype launched its 4.0 update to its Android version this past week, which introduced a complete redesign that resembles a look similar to its Windows Phone version. It’s a good thing Skype released a new version of its Android app as it looks like a previous version of the software may have a bug that allows you to bypass your device’s lockscreen.
The security flaw can be found in Skype version 22.214.171.12473 and it allows anyone to bypass your Android device’s lockscreen simply by initiating a call between their own device and yours. Once the call is accepted, the caller then hangs up, which the other handset now returns the user to its lockscreen. The attacker would then need to turn off the phone, turn it back on, and when it comes on, it’ll bypass the device’s lockscreen. The phone whose lockscreen has been bypassed will continue to give the attacker access until the phone is rebooted again.
If you happen to be running a version of Skype that isn’t 4.0, we recommend you update your application as soon as possible in order to not allow this bug to occur on your device.