Samsung rolls out fix for USSD vulnerability

Samsung rolls out fix for USSD vulnerabilityYesterday, “security enthusiast” Pau Oliva raised eyebrows when he tweeted the USSD code to factory reset the Samsung Galaxy S III, adding that it could be triggered from a browser.

Samsung has quickly moved to allay fears, with an over the air (OTA) Galaxy S III software update.

It’s reported that the triggered Samsung Galaxy S III reset requires a degree of user intervention, so it’s not entirely automatic. However, Samsung recommends that all users install the Samsung Galaxy S III update.

An official Samsung statement reads: “We would like to assure our customers that the recent security issue concerning the GALAXY S III has already been resolved through a software update.

“We recommend all GALAXY S III customers to download the latest software update, which can be done quickly and easily via the Over-The-Air (OTA) service."

However, worryingly, the flaw is thought to extend to other TouchWiz devices, including the Samsung Galaxy S II and Advance - which reset without the aforementioned user intervention. One click and your device is wiped. No word on a fix for those chaps just yet.

Pau writes: “that's why I hate OEM customizations on top of android ;)”.

via: The Verge

Read more about: Samsung Galaxy S2Samsung Galaxy S3Android

Add a comment
3 comments

OFI  Sep. 26, 2012 at 13:15

The USSD exploit is on a number of Androids not just Samsung. But with various damaging effects based on the codes available.

monodesigns  Sep. 26, 2012 at 14:06

It's so nice that Samsung crates a fix for the Galaxy S3, but doesn't say anything about the Galaxy S2.

mrbooi  Oct. 3, 2012 at 22:15

Eset has a tool you can use to protect your self until a update is out
http://www.eset.com/tools/ussdtest/

Email:

You don't need an account to comment. Just enter your email address. We'll keep it private.

Comment: