安卓系统曝严重漏洞,部分手机或可在一分钟内被破解

Serious Android Flaw May Allow Phones to Be Unlocked in Under a Minute

A newly discovered security flaw in certain Android devices has raised concerns after researchers demonstrated that phones could be unlocked in less than a minute under specific conditions.

一项新发现的安卓系统安全漏洞引发关注。研究人员指出，在特定条件下，一些手机可能在不到一分钟内被破解。

The vulnerability targets a core security layer designed to protect sensitive data such as passwords, encryption keys and personal files.

这一漏洞影响的是系统中用于保护敏感数据的核心安全层，包括密码、加密密钥以及个人文件。

In testing scenarios, attackers were able to bypass the lock screen, recover the device’s PIN and access encrypted storage — effectively rendering standard security protections ineffective. 

在测试中，攻击者可以绕过锁屏、恢复设备PIN码，并访问加密存储数据，这意味着常规的安全防护机制在该漏洞面前失效。

The flaw has been identified as affecting certain devices powered by MediaTek processors, a widely used chipset in many Android smartphones.

该漏洞主要影响使用MediaTek芯片的安卓设备，这类芯片在许多手机中被广泛采用。

Researchers estimate that as many as one in four Android devices could be affected, particularly lower-cost models.

研究人员估计，最多约四分之一的安卓设备可能受到影响，尤其是一些价格较低的机型。

The attack itself is not remote. It requires physical access to the phone and a connection to a computer via USB.

不过，这类攻击并非远程操作，而是需要获取手机实物，并通过USB连接电脑才能实施。

Even so, the implications are serious. If a device is lost, stolen or temporarily out of the owner’s control, attackers may be able to extract highly sensitive information.

尽管如此，其风险依然不容忽视。一旦手机丢失、被盗，或短时间脱离用户控制，攻击者就可能提取敏感信息。

In worst-case scenarios, this could include personal photos, private messages, stored passwords and even cryptocurrency wallet credentials. 

在最极端情况下，攻击者甚至可能获取个人照片、私密信息、账号密码以及加密资产相关数据。

The issue originates at the processor level, which means phone manufacturers have limited ability to fix it directly. Instead, the solution relies on firmware updates provided through security patches.

该问题源于处理器底层，这使得手机厂商无法直接彻底修复，只能通过后续系统更新进行补丁修复。

MediaTek has already released a fix, but users will only receive it once their device manufacturer distributes the update — a process that may vary widely depending on the brand and model.

目前相关芯片厂商已发布修复方案，但用户是否能及时获得更新，取决于各手机厂商的推送节奏，不同设备差异较大。

For some older devices, especially those no longer supported, the update may never arrive.

对于部分已停止支持的老旧设备，这一安全更新甚至可能不会推出。

Experts recommend keeping devices updated, avoiding storing highly sensitive information locally, and maintaining physical control of phones at all times.

专家建议用户及时更新系统，避免在手机中存储高度敏感信息，并尽量保持对设备的物理控制。

While smartphone security is often associated with passwords and encryption, this case highlights a deeper reality: even the most trusted protections can have unexpected weaknesses.

人们通常认为密码和加密是手机安全的核心，但这一事件提醒我们，即便是最基础的防护机制，也可能存在意想不到的漏洞。

如果手机真的在你不知情的情况下被“轻松解锁”，你最担心被看到的会是什么？