Samsung Galaxy S3 bug: other Android handsets at risk, researcher says

Samsung Galaxy S3 bug: other Android handsets at risk, researcher says

Summary: The security researcher who disclosed a Samsung Galaxy S III flaw that could trigger an unwanted reset has said other handsets could be susceptible to the problem, including the HTC One Series and Motorola Droids.

SHARE:
14

A number of Android smartphones could be vulnerable to a bug that lets outsiders remotely tamper with the device, according to the security researcher who demonstrated a factory reset exploit on the Samsung Galaxy S3.

S3
An exploit affecting the Samsung S3 can cause a complete factory reset. Image: Jessica Dolcourt/CNET

Ravi Borgaonker said the HTC One Series, Sensation, Sensation XL, Sony Ericsson's Xperia series, some Motorola Droids, the Samsung Galaxy S series and "possibly others" could all be vulnerable to remote wipe or permanent destruction of the SIM card — if they haven't been updated since June.

"[The] vulnerability is in the Android dialer, so one can exploit it using a malicious link, or write a malicious app that can invoke TEL intent to execute USSD codes," Borgoanker noted on Friday.

Borgaonker said that the Android Security group was informed of the exploit in June and began the process of patching it one week later, so handsets that haven't been updated since that time should be the only ones still vulnerable.

As with the previous case, the problem lies in the way the phones handle some USSD codes (Unstructured Supplementary Service Data). These are generally used by network operators to perform operations such as topping up credit or to deliver one-use passwords or PIN codes; they can also be used to configure the phone. 

However, Borgoanker said that some special USSD codes do not need the phone user to take action to invoke certain functions. Others can, with one click, "kill the SIM card permanently" within four seconds.

He added that all Android devices running Android 2.3.x (Gingerbread), 3.x (Honeycomb), 4.0.x (Ice Cream Sandwich) and 4.1.x (Jelly Bean) are vulnerable to this flaw if they had not been updated since June.

However, he added that only Samsung devices that haven't been updated are vulnerable to being remotely wiped to a factory reset status, as opposed to a permanent wipe of the SIM card.

Earlier this week, Samsung said it has already fixed the bug in the Galaxy S III, but it has not clarified whether other handsets are still vulnerable.

On Friday, HTC too said its handsets have been taken care of.

“We are aware of the potential USSD vulnerability that's been reported and had already taken measures to address this issue on our devices  prior to the public disclosure of this vulnerability," the company said. "While our devices do not support a USSD code to factory reset option, we always recommend that customers avoid modifying or rooting their device in order to preserve the device security measures in place."

Android-backer Google had not responded to a request for comment at the time of writing.

Topics: Security, Android, Mobility

Ben Woods

About Ben Woods

With several years' experience covering everything in the world of telecoms and mobility, Ben's your man if it involves a smartphone, tablet, laptop, or any other piece of tech small enough to carry around with you.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

14 comments
Log in or register to join the discussion
  • Wow what a shocker, an android security bug. Not samsung, not touchwiz

    Fanbois? Surely since the OHA was formed so long ago there's no android phone owners out there at this point who haven't had an update since june. Google fixed the fragmentation problem right fanbois?
    Johnny Vegas
    • Malware on Androids

      Geez to think I considered an Android. I'll just get an iPhone or some Windows Phone.
      X_Tech
      • Good luck on that

        Don't forget to bring a paper map when navigating to the Apple store!
        simonkloot@...
        • paper map

          i personally use waze on my iphone it kicks google maps ass so i doubt i would need a paper map lol
          ezar11
          • please tell us about waze

            I don't care about the trolling and the exploit is disconcerting but can you tell us a little about your experience with waze? I like the idea of what they're offering but never pulled the trigger.
            joemamainthehouse
        • re: "Don't forget to bring a paper map when navigating to the Apple store!"

          It wouldn't be so funny, if it weren't SO TRUE!
          And, hey, guy (up top of Comments).
          By the time you get an iPhone or Win phone, the Android phones will be FIXED and those "other" phones will probably have problems discovered by then too.
          "Stay with what you intellectually believe in (not some !$#%^^* advestizement) because everything has problems, even people". No kidding
          John@...
    • Wow, a shocker

      first comment was from a guy who never actually considered getting an Android in the first place.
      Michael Alan Goff
    • Get real.

      "He added that all Android devices running Android 2.3.x (Gingerbread), 3.x (Honeycomb), 4.0.x (Ice Cream Sandwich) and 4.1.x (Jelly Bean) are vulnerable to this flaw if they had not been updated since June."

      How many Android owners are not going to keep their devices updated when they can? It's like a person using Windows not keeping thier software updated. Nor does this have anything to do with the framentation issue. So let's talk WP7/WP8 issues... how about some of those Johnny... Are WP7 devices still calling home to the Microsoft mothership?
      athynz
      • Re: How many Android owners are not going to keep their devices updated whe

        It's automatic. The device will notify you when there's an update available.
        ldo17
  • Full Disclosure

    What a FUD approach ! "Earlier this week, Samsung said it has already fixed the bug in the Galaxy S III". You mean that we had to wait until the ninth paragraph to find that out ? Wow.
    davebenj2003@...
  • Don't rush to point fingers at yet

    So what? I bug was found, and it's now being dealt with. What's the big deal? Security vulnerabilities are found all the time. Systems' security are as perfect as the humans that make them. This SG3 bug was found and caused a bit of news, and within a week Samsung's dealt with; life goes on.

    What should be concerning rather is how the producers respond to the threats. Samsung has dealt with it promptly, and I appreciate it. If anything I feel more confident in their prudence. Also, another factor is the scale or frequency of security vulnerabilities, which I must say that Android's "vulnerability" simply does not live up to the FUD, far from it. Sorry, but it's true. Millions of users are using Android and so far the only thing you can get is an rumor or report of an illegitimate app managing to sneak in once in a while, only to be reverted. Which is more than I can say for the experience of say like Windows malware and Apple's slow, if any, response to the Mac trojan that infected half a million computers (imagine what its response would be like if a similar bug was found in the iPhone).
    JOB83
  • It's all a matter of scale...

    Android, iOS and Linux get a problem about once a year. Microsoft Windows gets super critical problems once a week that pretty much completely reload the operating system. It's a problem in general. People don't know the difference between spending a million dollars or a trillion dollars. It's all the same to them.
    Tony Burzio
  • Free tool

    Hi there,

    Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

    You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper


    /Alin Vlad
    Global Social Media Coordinator at Bitdefender
    Alin Vlad
  • update your galaxy s3

    Samsung kept her promise and released its Samsung GALAXY S III Android 4.1.1 Jelly Bean update to unlocked/simfree devices from the Middle-East and Arab and many other countries.

    http://www.pinsmobile.com/content/samsung-kept-her-promise-and-released-its-galaxy-s-iii-android-411-jelly-bean-update
    coolfx35