Bluetooth vulnerability reported in HTC phones

Report says Bluetooth driver in the manufacturer's Windows Mobile devices could expose user contact details and other data, but HTC has not confirmed flaw.

One of HTC's drivers in the manufacturer's Windows Mobile handsets could be vulnerable to exploitation, according to reports.

A flaw in the obexfile.dll Bluetooth driver opens the user up to attack if they have Bluetooth connectivity and filesharing enabled, security researcher Moreno Tablado told PC World. HTC's Windows Mobile 6 and 6.1 handsets are affected.

According to the report, the vulnerability could give the attacker access to various folders on the victim's handset, including contact details, e-mail, pictures and other data.

ZDNet Asia's sister site ZDNet UK has asked HTC to confirm the flaw and asked when it will be fixed, but had not received a reply at the time of writing.

This article was first published as a blog post on ZDNet UK.