Friday, February 3, 2012

HTC security flaw lets malicious apps steal Wi-Fi passwords

By Rosa Golijan

HTC

The HTC EVO 3D (pictured) is one of the devices affected by a bug which allows malicious apps to collect users' passwords.

Handset maker HTC has acknowledged that a?security flaw affecting several of the company's popular wireless devices allows malicious apps to steal users' Wi-Fi passwords.?A fix for the issue has been developed and even deployed via software update to many of the affected devices.

The Next Web reports that this particular flaw was first?discovered by researchers?Chris Hessing and Bret Jordan.?The two reportedly came across the issue in Sept. 2011, but did not publicly disclose it before HTC and Google had the opportunity to establish the cause of the problem and begin issuing a fix.

The?issue, which is more accurately described as a security risk, is that a user's Wi-Fi credentials could be harvested by an app which is designed for that purpose. This would mean that such an app would have to be installed on a user's device in order for his or her Wi-Fi credentials to be at risk.

According to the U.S. Computer Emergency Readiness Team (US-CERT), the devices affected by the security flaw include the Desire HD, Glacier, Droid Incredible, Thunderbolt 4G, Sensation Z710e, Sensation 4G, Desire S, EVO 3D and EVO 4G. The?myTouch3g and the Nexus One have "been reported as not affected."

HTC's Help Center explains that most of the affected devices have already received the necessary fix "through regular updates and upgrades."?Some devices will need to have the fix "manually loaded" though and the company will provide details on that process next week.

Related stories:

Want more tech news, silly puns, or amusing links? You'll get plenty of all three if you keep up with Rosa Golijan, the writer of this post, by following her on?Twitter, subscribing to her?Facebook?posts, or circling her?on?Google+.

Source: http://technolog.msnbc.msn.com/_news/2012/02/02/10300096-htc-security-flaw-lets-malicious-apps-steal-wi-fi-passwords

amanda bynes molly sims golden state warriors hostess brands nh primary david crowder band amber rose

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.