1. delfteo's Avatar
    Windows Phone SMS attack discovered, reboots device and disables messaging hub

    Microsofts range of Windows Phone devices suffer from a denial-of-service attack that allows attackers to disable the messaging functionality on a device.

    The flaw works simply by sending an SMS to a Windows Phone user. Windows Phone 7.5 devices will reboot and the messaging hub will not open despite repeat attempts. We have tested the attack on a range of Windows Phone devices, including HTCs TITAN and Samsungs Focus Flash. Some devices were running the 7740 version of Windows Phone 7.5, others were on Mango RTM build 7720. The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles messages. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient.

    The flaw appears to affect other aspects of the Windows Phone operating system too. If a user has pinned a friend as a live tile on their device and the friend posts a particular message on Facebook then the live tile will update and causes the device to lock up. Thankfully theres a workaround for the live tile issue, at initial boot up you have a small amount of time to get past the lock screen and into the home screen to remove the pinned live tile before it flips over and locks the device.

    Both Apple and Google have suffered from SMS bugs with their iOS and Android devices. Security researcher*Charlie Miller discovered a flaw in the iOS 3.0 software that allowed attackers complete control over an iPhone at the time.*Android-based phones also suffered in the SMS attack, but attackers could only knock a phone offline rather than gain full access. The attack described in this article does not appear to be security related. It appears, from our limited testing, that the bug is related to the way Windows Phone handles messages.

    WinRumors reader Khaled Salameh discovered the flaw and reported it to us on Monday. We are in the process of disclosing the bug directly to Microsoft privately in co-operation with Khaled. At this stage there doesnt appear to be a workaround to fix the messaging hub apart from hard resetting and wiping the device.


    Enjoy DelftEo
    Last edited by delfteo; 12-14-11 at 01:14 PM.
    12-14-11 01:11 PM
  2. T
    This is one of the many reasons I love BlackBerry. The other platforms can keep Netflix and the movie watching on 5" screens.
    12-14-11 01:27 PM
  3. belfastdispatcher's Avatar
    All blackberry devices have a built in firewall that can reject anonymous or advertisement sms.
    12-14-11 01:29 PM
  4. Economist101's Avatar
    There is a list of ways in which Blackberrys outperform other devices, even today. The hard part is getting people to care more about those things than the typical BlackBerry disadvantages. Maybe QNX will solve this, but we won't know until next year.
    JR A likes this.
    12-14-11 02:13 PM
  5. delfteo's Avatar
    Depends of the new os blackberry come with.
    Something total new and fresh do a lot good.

    Enjoy DelftEo
    12-14-11 06:56 PM
  6. JR A's Avatar
    Microsoft containing a virus/malware? What else is new...
    12-14-11 07:14 PM