Nokia admits security flaw is real in S40

800pxnokia_6610i_silverA security firm reported earlier this month that a security flaw had been exposed in Nokia’s S40 phones that could let a hacker get control of a phone simply by knowing the phone number.  This claim seemed a bit dubious as the security firm was charging big bucks for details of the flaw.  Neowin is reporting today that Nokia has acknowledged that the security flaw is real.

Gowdiak posted some detailsearlier this month, with claims that by exploiting the flaws he couldremotely install an application onto a Series 40 handset, and then provide that application with enough security permissions to execute any command he wished. Nokiahas been a week or two getting back to us, but this morning admittedthat they have "been investigating the allegations made, using ournormal processes and comprehensive testing… We can confirm that bothclaims are valid in some of our products."

Hopefully they’ll have a fix for this soon.  It seems that nothing is safe these days if someone is willing to spend the time to exploit it.

loading

Comments have been disabled for this post