“The flaw works simply by sending an SMS to a Windows Phone user. Windows Phone 7.5 devices will reboot and the messaging hub will not open despite repeat attempts. We have tested the attack on a range of Windows Phone devices, including HTC’s TITAN and Samsung’s Focus Flash. Some devices were running the 7740 version of Windows Phone 7.5, others were on Mango RTM build 7720.
The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles messages. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient.”
The malicious text message causes the Windows Phone to reboot, and then when it is back up, the Messaging Hub is no longer accessible. The vulnerability has been reported to Microsoft, but as of now there is no fix for the problem other than hard resetting and wiping the phone.
Leave a Reply