Our Verizon Galaxy S3 was not reset by the malicious code embedded in a web page, though we were able to trigger a reset using similar code. Mobile dev Justin Case tells us the issue is fixed in the latest AT&T and international Galaxy S3 firmwares. Others have reported that devices like the Galaxy Ace and Galaxy Beam are also affected. As far as we can tell, though, the vulnerability does not affect Samsung phones running stock Android, like the Galaxy Nexus. Similarly, Google Chrome on Samsung handsets is not susceptible to the bug, nor are other browsers we tested.
The vulnerability is the result of the way the native Samsung browser and dialer apps handle USSD codes and telephone links. USSD codes are special combinations of characters that can be entered in the keypad to perform certain functions, like enabling call forwarding, or accessing hidden menus on the device. On Samsung phones, there's also a USSD code for factory resetting the phone (and presumably another for nuking your SIM). That, combined with a glitch in the browser which allows phone numbers to be automatically dialed, results in a particularly nasty issue for anyone unfortunate enough to run across a malicious web page.
There are, of course, other applications of this glitch -- for example, the ability to automatically run numbers through the dialer could be used to call premium-rate phone numbers.
But the fact that just visiting a web site could trigger your phone to factory reset itself, and nuke your SIM in the process, is a very serious issue. So update your software if you're running an S3, and if you're not, or if it's not yet fixed on your carrier, we'd recommend switching to Google Chrome immediately.
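As an added example (not from the original article or from Samsung), the Python script below audits a page's markup for `tel:` links whose dial string contains the `*` or `#` characters that USSD codes are built from, so a content filter or reviewer can separate them from ordinary phone numbers. The attribute list and the sample page are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

URI_ATTRS = {"href", "src", "action", "data"}  # assumption: not exhaustive


def tel_dial_string(value):
    """Return the decoded dial string if value is a tel: URI, else None."""
    value = value.strip()
    if not value.lower().startswith("tel:"):
        return None
    return unquote(value[4:])  # %23 -> '#', %2A -> '*'


def is_ussd_like(dial):
    """USSD/MMI codes are built from '*' and '#'; ordinary numbers are not."""
    return "*" in dial or "#" in dial


class TelLinkAuditor(HTMLParser):
    """Collects every tel: URI found in a URI-carrying attribute."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URI_ATTRS and value:
                dial = tel_dial_string(value)
                if dial is not None:
                    self.findings.append(
                        {"tag": tag, "dial": dial, "ussd_like": is_ussd_like(dial)}
                    )


def audit(html):
    """Parse the markup and return one finding per tel: URI."""
    parser = TelLinkAuditor()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page. *#06# is the standard code that only displays the IMEI.
SAMPLE = """
<a href="tel:+15555550100">Call support</a>
<a href=" TEL:*%2306%23 ">Show IMEI</a>
<a href="https://example.com/hotel:1">Not a telephone link</a>
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("REVIEW" if f["ussd_like"] else "ok", f["tag"], f["dial"])
```

Percent-decoding before the check matters because `#` is normally written as `%23` inside a URI, so a filter that only looks for a literal `#` would miss it.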
We've reached out to Samsung for comment on this issue, and we'll keep you updated with any information they provide.
Written by:
Kayla R.A - Tuesday, September 25, 2012