Samsung has already patched ‘dirty USSD’ vulnerability for Galaxy S III

'Dirty USSD' code embed can reset your Samsung Galaxy S III  and other TouchWiz devices

If you were worried about stumbling onto a malicious website and accidentally wiping your Samsung Galaxy S III or other TouchWiz smartphone or slate, you can probably breathe easy. It's likely you already have firmware on your device which isn't vulnerable to the so-called dirty USSD code, and if not, you can download it now, according to Samsung. The company issued the following statement on the matter: "We would like to assure our customers that the recent security issue concerning the Galaxy S III has already been resolved through a software update. We recommend all Galaxy S III customers download the latest software update, which can be done quickly and easily via the Over-The-Air (OTA) service." It turns out we couldn't reproduce the bug earlier as we already had the latest update, and you should probably check to see that you do, as well. Meanwhile, we're also checking to see if other Touchwiz devices have been patched, so don't forget to watch what you click.

Filed under: , , ,

Samsung has already patched 'dirty USSD' vulnerability for Galaxy S III originally appeared on Engadget on Wed, 26 Sep 2012 05:36:00 EDT. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments

‘Dirty USSD’ code could automatically wipe your Samsung TouchWiz device (updated)

'Dirty USSD' code embed can reset your Samsung Galaxy S III  and other TouchWiz devices

The Factory Reset. One of those last ditch efforts that many of us have a fair bit of experience with. However, a malicious embed code could potentially do the exact same thing to your Galaxy S III. The Unstructured Supplementary Service Data (USSD) code (which we won't reproduce here) apparently only works on Samsung phones running Touchwiz, and only if you are directed to the dodgy destination while inside the stock browser (rather than Chrome, for example). This means the Galaxy Nexus is unaffected, but it can work the same dark magic on the likes of the Galaxy S II.

We've been trying to murder a (UK-based) GS III here at Engadget, but with no luck as yet -- we can cause the malicious digits to appear in the dialer, but we can't force the stock browser to visit them as a URL, even when trying a bit of URL forwarding and QR code trickery. However, this particular GS III has been rooted in the past, even though it's now running an official TouchWiz ROM, and that may be interfering with the process.

Aside from our own experiences, the evidence for the vulnerability is certainly strong. It was demonstrated at the Ekoparty security conference last weekend, during which time presenter Ravi Borgaonkar also showed how a different code could even wipe your SIM card. See the video after the break for the evidence.

Update: Tweakers.net has been able to replicate the security hole on a Galaxy S Advance, while The Verge has confirmed that it works on both the Galaxy S II and the AT&T Galaxy S III. Samsung has told us it's looking into the issue.

Continue reading 'Dirty USSD' code could automatically wipe your Samsung TouchWiz device (updated)

Filed under: , , ,

'Dirty USSD' code could automatically wipe your Samsung TouchWiz device (updated) originally appeared on Engadget on Tue, 25 Sep 2012 08:17:00 EDT. Please see our terms for use of feeds.

Permalink Tom Scott (Twitter)  |  sourceAlejandrospamloco (YouTube), Ekoparty security conference  | Email this | Comments