Google fixes SMS crashing bug in mobile OS
Google last week updated its Android mobile phone software, following the discovery of a potentially nasty pair of denial of service bugs.
The first of the two bugs creates a means for hackers to kick an Android phone off a mobile network and force a restart via a malformed SMS message. Dodgy text would contain a badly formatted WAP Push message that causes an exception on phones running the open source-based software, triggering a restart.
The second vulnerability involves tricking a user into downloading and running a malicious application that hooks into Android's (vulnerable) Dalvik API. This API function contains a security bug that means a system restart can be forced.
Users are advised to upgrade to Android 1.5 CBDxx, CRCxx and COCxx, as explained in an advisory by oCERT here. oCERT is an organisation that handles security disclosure for open-source projects. ®
Pity my headset doesn't work anymore.
Just like they broke it with 1.5 (Cupcake) and I had to get a widget off the market to fix that. Now the widget doesn't work anymore with 1.6 (Donut). No more music for me.
Hope it fixes youtube search too
Well the last patch busted the search in my youtube app on my HTC Magic G2, so I hope Donut fixes that as well. Pity because it was good before... And a bluetooth API would be nice...
Not just a big fix update
But a nicer Camera interface - easier to switch to video, amongst other things - and a nice little applet in Settings, About to see what aspects of the phone have been using the most power.
Just curious - is this the same (type) of exploit that affected iPhones a while back?
Paris - we all remember her Sidekick incident, I'm sure...