French blogger Korben has discovered that certain smartphones with Mediatek chipsets seem to shut down and reset themselves upon receiving an equals symbol "=" (without the quotation marks) via text message.
This is not so much a security hole in that there is a risk of data being compromised, but it makes phones vulnerable to remote attacks because being repeatedly spammed with the equals symbol could render a user"s phone unusable, or receiving such a text message during a phone call could terminate the call.
An incomplete list of smartphones affected by the flaw is available below:
|
|
You can test if your own Mediatek-based smartphone is susceptible by messaging an equals symbol to yourself.
According to the blog wiity, the solution to this is fairly simple, in that all the user has to do is download an alternative messaging app to handle SMS messages rather than use the standard one that comes with the phones. Still, this is an extremely strange flaw that could prove to be a major hassle if an attacker attempts to exploit it.
Korben discusses and demonstrates the flaw in the video below: