IDG News Service >
 

Windows Phone 7.5 SMS Vulnerability Can Disable Messaging

o Daniel Ionescu
13.12.2011 kl 14:54 | PC World (US)

Windows Phone 7 devices are susceptible to an SMS vulnerability that could lock users out of their messaging functions. The discovery comes from a tipster at the WinRumors blog, who demonstrated that a malicious SMS sent to Windows Phone 7.5 phones would force it to reboot and lock down the messaging hub.

 

Windows Phone 7 devices are susceptible to an SMS vulnerability that could lock users out of their messaging functions. The discovery comes from a tipster at the WinRumors blog, who demonstrated that a malicious SMS sent to Windows Phone 7.5 phones would force it to reboot and lock down the messaging hub.

The vulnerability does not appear to be specific to any particular Windows Phone devices, and the bug is triggered not only by SMS messages, but also by a Facebook chat or by Windows Live Messenger message. Once the phone is affected by the denial-of-service message, the device will reboot and the messaging hub will not open, locking users out of messaging functions. The procedure was documented in a short video embedded below, but it's unclear what the attack message must contain.

The only workaround found so far to unlock the messaging hub after the attack is to hard reset the device, or wipe it. If the attack comes via a Facebook message in one of the live tiles, the solution is to remove the pinned live tile before its flips over (after a restart) and locks the device. Microsoft is yet to comment on the vulnerability that Khaled Salameh discovered.

Windows Phone 7 devices are not the first to suffer from SMS vulnerabilities. In 2009, an SMS vulnerability was found in iPhones, that would allow an attacked to remotely install and run unsigned software, with root access to the phone. Apple later fixed the problem via a software update. Android users had their fair share of SMS trojan apps, with the latest batch of pulled apps earlier this week.

Follow Daniel Ionescu and Today @ PCWorld on Twitter

Keywords: Security  Consumer Electronics  
Latest news from IDG News Service

Copyright 2009 IDG Magazines Norge AS. All rights reserved

Postboks 9090 Grønland - 0133 OSLO / Telefon 22053000

Ansvarlig redaktør Henning Meese / Utviklingsansvarlig Ulf Helland / Salgsdirektør Tore Harald Pettersen