X
Tech
Home Tech Security

Palm patches WebOS snooping vulnerability

The company says it has fixed a hole that lets intruders bug calls and access other phone data with the latest release of its WebOS platform
Written by Ben Woods, Contributor

Palm has fixed the reported snooping vulnerability that allows a specially-crafted vCard to record and transmit conversations to a remote location.

The flaw, which allows a perpetrator to control the recording of phone calls at will and sends them back to the source of the rogue vCard, was reported to Palm in May, according to Alex Fidgin, director of MWR InfoSecurity, the company that discovered the vulnerability.

In a brief updated statement, Palm contacted ZDNet UK on Friday to say that "the current version of WebOS fixes the security vulnerability reported to Palm". WebOS 1.4.5 is available to users over the air.

A Palm spokesperson had previously said the company was investigating the security risk but would "not comment on specific security enquiries".

The researchers at MWR also discovered a vulnerability in the Google Android mobile operating system that allowed the web browser to be exploited if pointed at a malicious web page, resulting in the divulgence of personal details such as usernames, passwords and other sensitive credentials.

Google says the hole was patched in version 2.2 of the Android OS, otherwise known as Froyo.

Editorial standards
Show Comments

Related

Memory feature in ChatGPT

OpenAI makes 'Memory' available to all ChatGPT Plus subscribers - how to use it

entrypoint-pr.png

GitHub releases an AI-powered tool aiming for a 'radically new way of building software'

pxl-20240424-181716738

Sorry, you really can't disable Facebook's Meta AI tool - but here's what you can do