The Register® — Biting the hand that feeds IT

Feeds

Google fixes SMS crashing bug in mobile OS

Paranoid Android

By John Leyden, 12th October 2009
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

Google last week updated its Android mobile phone software, following the discovery of a potentially nasty pair of denial of service bugs.

The first of the two bugs creates a means for hackers to kick an Android phone off a mobile network and force a restart via a malformed SMS message. Dodgy text would contain a badly formatted WAP Push message that causes an exception on phones running the open source-based software, triggering a restart.

The second vulnerability involves tricking a user into downloading and running a malicious application that hooks into Android's (vulnerable) Dalvik API. This API function contains a security bug that means a system restart can be forced.

Users are advised to upgrade to Android 1.5 CBDxx, CRCxx and COCxx, as explained in an advisory by oCERT here. oCERT is an organisation that handles security disclosure for open-source projects. ®

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

COMMENTS

House Rules Send Corrections
All Reader Comments (4)
Latest Comments
Anonymous Coward

Pity my headset doesn't work anymore.

Just like they broke it with 1.5 (Cupcake) and I had to get a widget off the market to fix that. Now the widget doesn't work anymore with 1.6 (Donut). No more music for me.

0
0
Ian Wiles

Hope it fixes youtube search too

Well the last patch busted the search in my youtube app on my HTC Magic G2, so I hope Donut fixes that as well. Pity because it was good before... And a bluetooth API would be nice...

0
0
Phil Rigby

Not just a big fix update

But a nicer Camera interface - easier to switch to video, amongst other things - and a nice little applet in Settings, About to see what aspects of the phone have been using the most power.

Just curious - is this the same (type) of exploit that affected iPhones a while back?

Paris - we all remember her Sidekick incident, I'm sure...

0
0

More from The Register

breaking news
Pttow! Ofcom kicks hams out of MoD bands
Geet off my land, you, you ... 'secondary user'
30
breaking news
Now you can use your phone instead of your wallet at the ATM, too
Blimey, these little paper towels out of the vending machine are really expensive
47
breaking news
UK.gov's £530m bumpkin broadband rollout: 'Train crash waiting to happen'
Whitehall whispers of damning watchdog report next month
30
Google launches broadband balloons, radio astronomy frets
A careless Loon could blind the square kilometre array
46
breaking news
MySpace zaps millions of teens' tearful rants, causes wave of angst
'Your crappy redesign SUCKS, I wanna read my blogs' screech users
53
breaking news
Microsoft Office 365 on iPhone NOW: No, we're not making this up
Word, Excel, Powerpoint for your pocket-stroker
83
Vodafone Oz launches '100 Mbps' 4G service
Nice speed if you can get it
7
breaking news
Clearwire board to shareholders: Go on, grab that Dish cash
Sprint looks on in dismay
3
EU signs off on eCall emergency-phone-in-every-car plan
GPS and a mobe in every car - do you suppose the NSA would fancy that?
100
breaking news
White Space wonga time: White House tips $100m into next-gen comms
Empty frequencies right place for tomorrow's mics, phones and fridges
2