Samsung Galaxy Owners – Watch what you click!

In a stunning display of shortsightedness, Samsung has a USSD code that allows phones to be reset to factory settings.  This wouldn’t seem bad if the codes could only be run by carriers, as they were expected to be, but when combined with an Android flaw (or is it a “feature”?) that executes USSD codes from browser links…..

https://twitter.com/pof/status/250540790491787264

This can be triggered through an SMS, scanning a QR code, clicking a link in the browser, or NFC.

Ouch.

Samsung is reporting that that have a fix in place for the Galaxy S III, so make sure you keep your phones up to date.

 

In other news, there’s another 0-day Java exploit.  There’s not a lot of things that require Java anymore. Uninstall it if possible.

 

About these ads

One response

  1. Pingback: Seriously, Samsung? | Arboreal Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s