The vulnerability was due to logging tools HTC introduced when updating its smartphones, the Android Police blog stated.These tools apparently collect information such as a list of user accounts, phone numbers from the phone log, SMS data and system logs.
Further, network information, CPU information, and detailed information on processes running and on installed apps is exposed.
The software does no harm to customers' data, according to HTC's public relations agency, Waggener Edstrom, but there is a vulnerability that could potentially be exploited by a malicious third-party application.
HTC is working on a security patch that will first be sent to carrier partners for testing and then sent over the air to customers to download and install.
"It would appear that a few HTC phones contain a logging mechanism that exposes sensitive user data to an app that requests only permission to access the Internet," Tim Wyatt, principal security engineer for Lookout Mobile Security, told TechNewsWorld.
"HTC is aware of the issue but has not announced how or when they intend to address it," Wyatt continued.
0 Response to "HTC Scrambles to Fix Android Smartphone Flaws"
Post a Comment