HTC Patches Wi-Fi Security Flaw in Android Phones
The vulnerability could allow an attacker to view all Wi-Fi user names, passwords and SSID information stored on a device.
Researchers Chris Hessing and Bret Jordan have uncovered a vulnerability in some HTC phones that could allow an attacker to view all stored Wi-Fi network credentials, including user names, passwords and SSID information.
"HTC has acknowledged and developed a fix for what it called the 'small Wi-Fi issue affecting some HTC phones,'" writes SecurityNewsDaily's Matt Liebowitz. "Most phones, HTC wrote on its website, have already received the fix through regular updates and upgrades; 'However, some phones will need to have the fix manually loaded.' The HTC site contains instructions on how to upgrade your phone."
"The researchers said they found the bug in September, but publicly disclosed it only after allowing Google and HTC to address it and issue a fix," Liebowitz writes.
Go to "HTC Phones Vulnerable to Wi-Fi Stealing Android Apps" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.