Smartphones HTC, Motorola and Sony are also vulnerable to data deletion. Site for checking problems

    As it turned out, the unexpected vulnerability to delete the data when you visit a page with a specially formed link that Samsung managed to quickly fix just a day, are also vulnerable and HTC One X device, HTC Desire, Motorola Defy, Sony Xperia Active and Sony Xperia Arc S.

    The main reason the vulnerability was recognized not by TouchWiz, which Samsung installs on its smartphones, but by the features of processing “telephone” links on some Android devices, in which the USSD code embedded in the body of a regular hyperlink is executed immediately, without user confirmation IT computer security specialist Dylan Reeve. At the same time, this problem has been known for a relatively long time and has been fixed by Google, however, smartphone manufacturers themselves, in all likelihood, are in no hurry to use the patch, thus risking the security of user data.

    Until manufacturers release the corresponding fix, Reeve offers users to install some alternative "dialer", when using which Android will let you choose which program to make a call if a malicious link is caught.

    In order to determine if your smartphone is vulnerable to USSD code, there is already a special site http://dylanreeve.com/phone.php (short link - http://bit.ly/QC03LM ). If, upon visiting it, Android immediately offers to call and displays an IMEI device, then this device is vulnerable to a remote USSD attack.

    UPD : QR code for a website with a vulnerability test (thanks nickel3000 ).



    [ Source ]

    Also popular now: