Samsung has released a fix for a critical error in its software that allowed malicious code to remotely wipe its Galaxy S3 smartphone.
The vulnerability was showcased by security researcher Ravi Borgaonkar at Ekoparty security conference on Tuesday.
Samsung later told V3 that it was aware of the issue and had built a fix, which it was distributing as an over-the-air update..
"We would like to assure our customers that the recent security issue concerning the Galaxy S3 has already been resolved through a software update," a Samsung spokesman told V3.
"We recommend all Galaxy S3 customers to download the latest software update, which can be done quickly and easily via the over-the-air (OTA) service."
The vulnerability was reportedly in the device's Unstructured Supplementary Service Data (USSD) protocol, which is used in the messaging between handset and mobile network. Potentially, hackers could use the vulnerability to send a “factory reset” command to the user's device.
The attacks could be mounted using a number of different mediums including website links, NFC tags and QR codes.
Security firm Sophos has since warned that the vulnerability may relate to several other Android handsets, including those made by other manufacturers, and urged owners of devices to back-up their phone regularly.
"Whether you choose to trust the cloud, or synchronise to your laptop, or just copy important files to removable storage, don't take the long-term data integrity of your phone for granted," warned Sophos researcher Paul Ducklin.
Source : v3.co.uk
.jpg)
0 comments:
Post a Comment