remote attack: dirty line of code threatens S3

[traajik]

check this out if your planning on buying an s3 for metro coming out, i'll also be posting this in the s3 sub forum directory, but i chose to put it here as well as i know many metro users planning on buying one.



"Even more worrying is the concern that the attack can be increased so a USSD code can be used to kill the SIM card being used by the handset, so a single message can not only wipe the handset, but leave the owner with a useless SIM card as well.

It has also been found that it is possible to make Samsung smartphones go to a malicious website containing the code via a WAP=push SMS message. This issue has also been found to affect the Samsung Galaxy S2, Galaxy S Advance, Galaxy Ace, and Galaxy Beam."

Samsung Galaxy S3 threatened with remote hack USSD code

 

[PlayfulGod]

Yea a update has been rolled out for it. CM9/10 is safe as it was patched in the google ics code a few merges back and I have seen mentions of patches for CM7.

Not all devices are affected, just some and more than just those mentioned.


Oh and just to clarify, the dialer code itself isnt the malicious part, its actually kinda useful in the right circumstances, but let a few kiddies find it and ruin its usefulness with their silly games. Although such a cmd should have some sort of failsafe on it to prevent such malicious use, but live and learn I guess.