There's been found a vulnerability in Symbian S60 platform using smartphones. By exploiting the vulnerability an attacker may prevent the target recieve sms and mms messages. That kind of state can be caused by sending one or more specially crafted sms message to the recipient's phone. Part of S60 phones alert of end of memory after recieving enough of these specially crafted text messages. Other part stops recieving the messages immediately.
Symbian OS is operating system used in many mobile devices. It's S60 platform is used by most mobile phone manufacturers like Nokia, Siemens and Sony Ericsson.
Vulnerable S60 series versions are:
-S60 2nd Edition, Feature Pack 2 (s60 2.6)
-S60 2nd Edition, Feature Pack 3 (s60 2.8)
-S60 3rd Edition, Initial Release (s60 3.0)
-S60 3rd Edition, Feature Pack 1 (s60 3.1)
Phones with S60 version higher than 3.1 are not vulnerable.
Mobile phones can be restored from the vulnerability caused state by doing 'factory reset'. This will reset all settings made by user to the default ones.
It's also possible to protect the phone against these crafted messages by installing S60 suitable antivirus software capable of detecting the exploiting messages.
More information can be read from F-Secure's Blog
Thursday, January 1, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment