contador web Skip to content

Learn how to work around the recently discovered security hole in Androids

The news

Today we learn about a security flaw in Galaxy S3 that may cause the device to be reset, it seems that the deepest problem and unfortunately does not cover only the S3, check the news:

Android may be vulnerable to losing everything on the phone: the device can be reset by visiting any webpage that contains the code tel: * 2767 * 3855% 23 in an HTML frame. According to Dylan Reeve, this is a standard Android bug that Google fixed it three months ago. But as many devices have not been updated with this new code, they remain vulnerable which may even include those using CyanogenMod. The vulnerability has been confirmed in the Samsung Galaxy S II, Galaxy S Advance, Galaxy Beam and Galaxy Ace. But Dylan says she's not limited to Samsung devices:

The remote USSD vulnerability is not just a Samsung problem. The same general vulnerability affects many cell phones. I personally checked this on an HTC One X (with HTC Sense 4.0 on Android 4.0.3) and a Motorola Defy (running CyanogenMod 7 on Android 2.3.5). The flaw was initially demonstrated on the Galaxy S III, but according to Dylan Reeve, Samsung has been aware of the problem for a few months, and the latest firmware for the Galaxy S III (4.0.4) seems to solve the problem. Android Police tested the GSIII, and in fact the bug has already been fixed in it. The same goes for Nexus devices: Jelly Bean doesn't have this bug.

Bypassing the problem

security on Android It works like this: the HTML frame carries a tel: address. She tells her cell phone that this is a clickable phone number. However, it is a USSD code that tells the phone to erase everything in it.

To work around the problem, which seems to be with the standard Android dialer, you can install an alternate dialer through Google Play, there are many to choose from, just search for terms like "dialer" or "dialer" and choose what you like best. .