HTC is to release an urgent update for several of its smartphones to fix a vulnerability which could leave personal information at risk. The Android Police blog discovered that a user's GPS location and call logs could be easily accessed by net-enabled apps. After investigating, HTC admitted the flaw could be "exploited by a malicious third-party application". It said affected users will be notified of the update automatically. "HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices," a spokesperson said. Users will be able to download the fix over-the-air. The company has not yet confirmed exactly which models are at risk, but it is understood that the EVO 3D, EVO 4G, Thunderbolt and potentially the Sensation range are all susceptible to the vulnerability. Until the patch is released, the company urges users to "use caution when downloading, using, installing and updating applications from untrusted sources". The flaw relates to a particular file which contains a vast amount of personal information including GPS location history, SMS data, phone logs and e-mail accounts. Apps can gain access to the file by requesting permission to access the internet - a common occurrence for apps that allow the posting of top scores or messages on social networking sites. HTC said they have found no evidence that this flaw has been exploited for malicious purposes, but conceded it does pose a threat to the protection of the user's information. The statement read: "In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application. "A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. "So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability." The company said the patch will be released after a short period of testing, and users are urged to download the update promptly. Artem Russakovskii, the blogger who made the flaw public, welcomed the quick action by HTC, but said he still had concerns over the manner in which large amounts of personal data are kept in the single file. He wrote: "While I applaud HTC's desire to fix the situation quickly, I do have to wonder whether the patch will simply apply some sort of an authentication scheme to the service while letting it continue collecting the same kind of sensitive data to be potentially reported back to HTC or carriers."
GMT 14:28 2018 Wednesday ,05 December
S10 leaks: Samsung to avoid camera notch with hole punch designGMT 21:10 2018 Sunday ,25 November
China's OPPO to unveil new smartphone in Kenya before end of 2018GMT 16:10 2018 Sunday ,18 November
China's Huawei to subsidize 3 Tunisian students for int'l tech competitionGMT 15:46 2018 Tuesday ,06 November
Samsung looks set to announce its breakthrough folding phoneGMT 10:48 2018 Sunday ,04 November
Launching ceremony of Huawei's new flagship smartphoneGMT 06:58 2018 Friday ,19 October
Huawei unveils Mate 20 Pro with fingerprint sensor under the screenGMT 11:30 2018 Monday ,15 October
Google's new Pixel 3: Secure payments, wireless charging and a notchGMT 11:09 2018 Wednesday ,10 October
New Pixel Phones and Other Gadgets Keep Google in the Hardware HuntMaintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Send your comments
Your comment as a visitor