HTC Android Phones Being Updated to Address WiFi Security Vulnerability

February 3, 2012, By Sanjeev Ramachandran

In September last year, security researchers Chris Hessing and Bret Jordan discovered a security vulnerability in some of HTC’s Android devices which could allow malicious apps to steal WiFi security information. Now HTC is updating some of their devices to fix the vulnerability.

HTC posted in their official support site that many of the affected handsets had already been updated over-the-air. However, some may need to be updated manually in the future.

On an affected device, the bug in question could allow an Android application with the innocuous-sounding ACCESS_WIFI_STATE permission to access WiFi passwords for any network the phone is connected to. TheNextWeb reports that Hessing and Jordan worked with Google and HTC to track down the root cause and develop a fix before going public.

That explains why you have not come across this news before. Affected smartphones include HTC Desire HD (Froyo, Gingerbread), T-Mobile MyTouch 4G (Froyo), HTC Desire S (Gingerbread), HTC Sensation (Gingerbread), HTC EVO 3D (Gingerbread), HTC Droid Incredible (Froyo) and HTC Thunderbolt 4G (Froyo).

In case your device had been affected, it’s likely already been updated with the fix over-the-air. The manufacturer says to check back next week for more information on a manual patch for certain handsets.

Don’t panic. Malicious apps stealing WiFi passwords are not the biggest of issues after all.

© 2008-2012 - All rights reserved | Privacy Policy