ID: IRCNE2012091633
Date: 2012-09-29
According to "cnet", Samsung Galaxy S3 owners are subject to a vulnerability that can actually be fixed with an over-the-air update.
Samsung today said that users can install a security update over the air that will safeguard them from a vulnerability that could allow someone to remotely delete all of their personal data from the handset.
Security researcher Ravi Borgaonkar discovered the flaw and demonstrated it last week at a security conference in Argentina. The flaw lies in the way Samsung's TouchWiz UI handles unstructured supplementary service data codes, which are allowed to execute commands on the device's keypad.
Malicious hackers who realized that took to the Web and unleashed malicious code that was capable of taking advantage of the flaw and remotely wiping the entire device. According to Borgaonkar, the flaw can be exploited through Web links, QR codes, and even SMS.
Samsung didn't say how it addressed the flaw, but reassured users that the issue "has already been resolved." Interestingly, Borgaonkar said that it was "possible to exploit this attack only on Samsung devices."
Related Link:
Samsung smartphones vulnerable to remote data wipe
- 2