Windows Phone SMS attack discovered, reboots device and disables messaging hub

Windows Phone SMS attack discovered, reboots device and disables messaging hub

Microsoft’s range of Windows Phone devices suffer from a denial-of-service attack that allows attackers to disable the messaging functionality on a device.

The flaw works simply by sending an SMS to a Windows Phone user. Windows Phone 7.5 devices will reboot and the messaging hub will not open despite repeat attempts. WinRumors has tested the attack on a range of Windows Phone devices, including HTC’s TITAN and Samsung’s Focus Flash. Some devices were running the 7740 version of Windows Phone 7.5, others were on Mango RTM build 7720. The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles messages. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient.

The flaw appears to affect other aspects of the Windows Phone operating system too. If a user has pinned a friend as a live tile on their device and the friend posts a particular message on Facebook then the live tile will update and causes the device to lock up. Thankfully there’s a workaround for the live tile issue, at initial boot up you have a small amount of time to get past the lock screen and into the home screen to remove the pinned live tile before it flips over and locks the device.

Both Apple and Google have suffered from SMS bugs with their iOS and Android devices. Security researcher Charlie Miller discovered a flaw in the iOS 3.0 software that allowed attackers complete control over an iPhone at the time. Android-based phones also suffered in the SMS attack, but attackers could only knock a phone offline rather than gain full access. The attack described in this article does not appear to be security related. It appears, from our limited testing, that the bug is related to the way Windows Phone handles messages.

WinRumors reader Khaled Salameh discovered the flaw and reported it to us on Monday. They are in the process of disclosing the bug directly to Microsoft privately in co-operation with Khaled. At this stage there doesn’t appear to be a workaround to fix the messaging hub apart from hard resetting and wiping the device. Please see the video below for a demonstration.




I think this is really a danger sign for all those window phone users. Has anybody findout any solution for this freaking sms attack if any. Please let us know. Bharat sms
The base-model 27-inch iMac starts at $1799, is starting in the no so distant past a really better than ordinary worth considering you're getting a manager among other bewildering 5K shows open. It's just an impoliteness that you paying little psyche to everything can't use these 5K machines as independent introductions like you could with iMacs some time back.

To get to your financial record, you'll initially need to make an online record by means of your card guarantor's site. On the off chance that you got a Mastercard through your present bank or credit association, your charge card record might be available through your current web based financial record. If not, check the rear of your charge card for the Mastercard backer's web address where you can make an online record.

Shahzeb Tejani got gigantic love for his deep voice worldwide for the melody 'Apna Bana Le Na' which crossed a Million+ perspectives on YouTube inside a couple of days of the discharge. Love and thanks from fans and well-wishers around the world drives his enthusiasm for music and this year again he has formed, composed and sung another profound sentimental track 'Tum Ho' for his overall fan base. Zee Music has indeed teamed up with Shahzeb and is good to go to dispatch his new single 'Tum Ho' on March 27th.

Logically verifiable robot authority plans other than need the choice to white-mark their machine the supervisor psyches and pull in secure access to HD video from machines, telemetry, and remote gimbal control – in this manner ensuring data endorsement. Finally, in-house experience meander quickly rehearses demand top level security, reasonable flexibility and the ability to do custom PoCs and pilots that address corporate use-cases for meanders curiously.

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.