HTC is addressing an issue on some of its Android devices that exposes Wi-Fi security credentials to applications. Security researchers Chris Hessing and Bret Jordan discovered that third-party Android applications on a range of HTC handsets with the android.permission.ACCESS_WIFI_STATE permission could call a command to access the Wi-Fi credentials of a connected network. The researchers, who discovered the flaw in September, publicly revealed today that it could be used to transmit details to a remote server using the internet access permission.
HTC describes the issue as "small," and is confident that most phones have already received a fix through regular updates over the past few months. However, the company warned that some handsets will need to load the fix manually, and it plans to supply further information on this next week. The following devices are affected by the issue:
? Desire HD (both "ace" and "spade" board revisions) - Versions FRG83D, GRI40
?Glacier - Version FRG83
? Droid Incredible - Version FRF91
? Thunderbolt 4G - Version FRG83D
?Sensation Z710e - Version GRI40
? Sensation 4G - Version GRI40
? Desire S - Version GRI40
? EVO 3D - Version GRI40
? EVO 4G - Version GRI40
selfie wave hand to take picture not working.
News A recent update just brought AV1 support to your Android phone
Facebook
Twitter
Instagram