App released for Android USSD exploit | SC Media
Patch management

App released for Android USSD exploit

October 2, 2012

Anti-virus vendor Avira released an app to block an unstructured supplementary service data (USSD) exploit, which could allow attackers to remotely reset phones running Android operating systems 4.1 or earlier. The vulnerability was publicized last month after Ravi Borgaonkar, a researcher at Technical University (TU) Berlin, demonstrated the flaw on a Samsung Galaxy S3 device at the Ekoparty security conference. The bug is exploited if users visit a malicious web page where the USSD code is embedded. New Zealand tech blogger Dylan Reeve said using the standard Android dialer was the issue, as it treated the USSD code like it was typed in by users trying to reset their phones. Samsung users can patch the issue with the latest Galaxy S3 software update.

prestitial ad