Featured: Security Vulnerability is not TouchWiz’s Fault, Blame Android OS Itself

September 27, 2012 - Written By Dilawer Soomro

Recently we reported that most of Samsung phones including but not limited to Galaxy S III and Galaxy S II have been found with a security vulnerability that erases the complete phone data including photos, music, files, contacts, etc just by visiting a webpage. One security researcher found out that any Samsung phone running Android OS with TouchWiz UI can be fully wiped just by visiting a web page that has 11 special characters embedded into it. This will cause the device to be factory reset automatically that can not be cancelled by any means.

However, the folks at Samsung weren’t just sitting idly and it was announced by Samsung yesterday that an OTA update has been deployed for the flagship Galaxy S III that will address the issue and solve it permanently. The issue was claimed to be exclusive to the TouchWiz UI by Samsung as many of Samsung’s devices were affected by it. Although, further research has revealed that other handsets manufactured by Motorola and HTC are vulnerable to the attack as well. This means that the issue is in Android OS itself not just TouchWiz. According to Google, the issue was fixed earlier this year but many devices that weren’t updated are still vulnerable to it. So, OEMs need to update their devices and deploying OTA patches to address the issue completely. Nobody wants to lose their precious data just because they were browsing the world wide web.

Galaxy S III users who’ve applied the update are now safe. So, feel free to browse around still download a safer browser like Chrome or Opera to be on the safe side. How about other people using different android devices? Have you come across the horrible issue yet?