Samsung has found a fix for remote reset vulnerability on TouchWiz devices
Yesterday we reported on a worrying security vulnerability that could result in Samsung smartphones such as the Galaxy SIII being wiped and reset with a single click.
Thankfully Samsung has confirmed it already has a fix to patch the hole, which it will be issuing to the affected devices by means of a firmware update. Phones affected included the Galaxy SIII, Galaxy SII and Galaxy S Advance, although security researchers have warned that all Android devices using the TouchWiz user interface could be affected.
Samsung has issued a statement via its Belgian Twitter account, in which it confirms that a fix is already in place and waiting to be rolled out. However, it only mentions the flagship Galaxy SIII phone as being fixed, with no mention of any other Galaxy devices.
“We would like to assure our customers that the recent security issue concerning the GALAXY S III has already been resolved through a software update. We recommend all GALAXY S III customers to download the latest software update, which can be done quickly and easily via the Over-The-Air (OTA) service.”
Users connected to Wi-Fi can head into the Settings menu, scroll down and select ‘About Phone’ followed by Software Update to check and install the fix. We would also recommend users of other Galaxy smartphones to do the same, just in case.
The vulnerability was discovered over the weekend by security researchers, who discovered that a code to wipe Samsung phones could easily be put into a webpage, QR Code, NFC tag or sms push message. Once the user clicked the link, the phone would be triggered to start an unstoppable factory reset which would wipe the internal memory.
Thankfully this issue has been patched!
Via: The Verge