Samsung patches remote wipe vulnerability on Galaxy S III
Samsung has patched a software vulnerability on its flagship Galaxy S III smartphone that allowed the device to be maliciously wiped of its data.
Samsung says that the flaw had already been identified and fixed with an over-the-air update. Samsung is urging all Galaxy S III owners to update their devices if they haven’t already done so.
The flaw in Android’s operating system was discovered by security researchers. As my colleague Daniel Ionescu reported, the wipe could be triggered by clicking a link that contains a line of malicious code, or even by scanning a doctored QR code. The hack made use of USSD codes, a protocol normally used by phones to communicate with the wireless carriers.
Samsung made no mention of other devices that are affected. Those include handsets running its TouchWiz UI, such as the Galaxy S II, Note, Beam, S Advance, and Ace. According to Samsung Belgium, a firmware patch is now being tested, at least for the Galaxy S II. In the meantime, as always, steer clear of clicking on unknown links and use an alternative browser, such as Google Chrome, since the flaw seems to be affecting only the stock TouchWiz browser.
If you own one of those phones and an update is available, it’s a good idea to update as soon as possible.