Wi-Fi security hole discovered in multiple HTC devices

2 Feb


HTC has acknowledged that some the company’s handsets contain a security hole involving the handling of certain data requests while connected to a Wi-Fi network. Security researchers Chris Hessing and Bret Jordan discovered the vulnerability, which could use the android.permission.ACCESS_WIFI_STATE permission to create a command to view all Wi-Fi credentials while connected to the network. The researchers discovered the flaw in September, however over the past few months they have worked with HTC and Google to patch things up before going public. The hole could have been used to transmit information to a remote server using the Internet access permission. Read on for more.

“HTC has developed a fix for a small WiFi issue affecting some HTC phones,” HTC posted on its support site. “Most phones have received this fix already through regular updates and upgrades. However, some phones will need to have the fix manually loaded. Please check back next week for more information about this fix and a manual download if you need to update your phone.”

Four Froyo devices are vulnerable to the exploit — the Glacier (myTouch 4G), DROID Incredible, Thunderbolt 4G and Desire HD — and four Gingerbread devices are vulnerable — the Desire HD, Desire S, Sensation and EVO 3D.

[Via TheNextWeb]



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: