liwen · Feb 3, 2012 at 08:30 am

Bug In HTC Sense May Reveal WiFi Passwords, Fixes Are Underway

A security flaw in certain HTC Android builds allows third-party applications to access WiFi passwords. The flaw was discovered last September by Chris Hessing and Bret Jordan, who contacted HTC privately before publicly disclosing details.

Considering the list of affected devices – which includes the Desire HD, Glacier, Droid Incredible, Thunderbolt, Sensation, Desire S, EVO 3D and EVO 4G – it appears that the bug is related to some HTC-specific Android modifications in its custom Sense UI. The myTouch 3G and Nexus One, which both run stock Android software despite being manufactured by HTC, do not have this issue.

Since being informed of the security flaw, HTC has already incorporated fixes into regular OTA updates for “most” devices, though we do not know which ones. For those devices that haven’t gotten an automatic fix yet, HTC will provide a manual fix next week, as a statement on its support site reads:

HTC has developed a fix for a small WiFi issue affecting some HTC phones. Most phones have received this fix already through regular updates and upgrades. However, some phones will need to have the fix manually loaded. Please check back next week for more information about this fix and a manual download if you need to update your phone.

Read more details at My War With Entropy (via Techmeme).


_________
Want something on the XDA Portal? Send us a tip!
TAGS:

liwen

liwen is an editor on XDA-Developers, the largest community for Android users. View liwen's posts and articles here.
Emil Kako · Apr 24, 2015 at 03:11 pm · 4 comments

What Are the Best Looking Apps on Android?

As more developers are updating their apps with Material Design elements, we're starting to see a plethora of beautiful new apps on the Play Store. But which ones are the best? Let us know what you think the best looking apps on Android are and why.

DISCUSS
Mario Tomás Serrafero · Apr 24, 2015 at 01:24 pm · 2 comments

Cyngn Explained: Who’s Cyanogen, What’s Cyanogen OS?

While Cyanogen, Inc has been the source of many headlines lately, there seems to be a lot of confusion regarding the differences between Cyanogen, Inc and CyanogenMod developers, as well as Cyanogen OS and the CyanogenMod ROM that so many XDA users love. The entities surrounding each of these are sometimes different and sometimes intertwined. We’ve gotten messages and comments requesting for a clearer distinction between these for future reference, which is why we are writing this feature. Let’s start...

XDA NEWS
Jimmy McGee · Apr 24, 2015 at 06:30 am · 3 comments

Android 5.1.1 Released, Google Cell Service – XDA TV

Android Lollipop 5.1.1 has been released. That and much more news is covered by Jordan when he reviews all the important stories from this week. Included in this week's news is the announcement of the new Google Cell Service and what we know about it and be sure to check out the article talking about the release of the Sony Xperia Z4. That's not all that's covered in today's video! Jordan talks about the other videos released this week on...

XDA NEWS
Share This