JPG hole cuts RAZR open
Motorola handset vulnerable
A bug in Motorola's RAZR firmware could allow a malformed JPG file sent over MMS to overflow the stack, theoretically making it able to execute arbitrary code.
The exploit is hypothetical, and would be very hard to abuse, but it's still a serious enough prospect for Motorola to issue a fixed firmware download – even if it's taken them the best part of a year to do so.
The problem is in the EXIF parser, which extracts additional data from a JPG file when it's received. Exchangable Image File Format is a set of tags that can be embedded in image files, such as the location where the image was taken or the camera used to take it.
the woes of the v3
i too got the v3 due to its looks, but it was a useless phone! Massive lag when typing, crashes, battery unusable after only a year, only enough space for one mp3 or VERY short video clip. Rubbish phone.
Shoddy service for American victims^H^H^H^H^H^H^Hcustomers
@John Navas: I'm not at all surprised that the "Number One Provider" doesn't support a fix. Dealing with sub-Third World service is one very large reason I'm glad I don't live in the States anymore. (Sub-Third World politics is another, related issue, but we won't go there now) :-P
Paris because she's more competent at what she does than the megacorps are at what they say they do...
No update for AT&T Wireless, largest carrier in the USA
While there is an update for USA T-Mobile, there's no update for AT&T Wireless (Cingular), the largest carrier in the USA, a huge disservice to these users. Both Motorola and AT&T should be ashamed.