Palm has fixed the reported snooping vulnerability that allows a specially-crafted vCard to record and transmit conversations to a remote location.
The flaw, which allows a perpetrator to control the recording of phone calls at will and sends them back to the source of the rogue vCard, was reported to Palm in May, according to Alex Fidgin, director of MWR InfoSecurity, the company that discovered the vulnerability.
In a brief updated statement, Palm contacted ZDNet UK on Friday to say that "the current version of WebOS fixes the security vulnerability reported to Palm". WebOS 1.4.5 is available to users over the air.
A Palm spokesperson had previously said the company was investigating the security risk but would "not comment on specific security enquiries".
The researchers at MWR also discovered a vulnerability in the Google Android mobile operating system that allowed the web browser to be exploited if pointed at a malicious web page, resulting in the divulgence of personal details such as usernames, passwords and other sensitive credentials.