Samsung has rushed out a patch designed to prevent a flaw in the way that some of its flagship Galaxy S III smartphones rendered USSD code. The flaw allowed the devices to perform a factory reset without warning.
The Korean tech giant has issued a statement urging people running older firmware on their S IIIs to upgrade it:
No ad to show here.
We would like to assure our customers that the recent security issue concerning the GALAXY S III has already been resolved through a software update. We recommend all GALAXY S III customers to download the latest software update, which can be done quickly and easily via the Over-The-Air (OTA) service.
The issues only appears to affect people who haven’t updated to the latest software version. The exploit has also been noticed on the Galaxy S II series, the Galaxy S Advance, Galaxy Beam, and Galaxy Ace.
It can be triggered by a malicious URLs and QR codes and reportedly acts through Samsung’s TouchWiz UI.
This is not the first vulnerability exposed on a Samsung phone. A team of South African and UK hackers recently managed to exploit a standard Samsung Galaxy SIII phone running Android 4.0.4 (Ice Cream Sandwich) by delivering a malicious file over the new S Beam feature, which uses the NFC functionality to send files between two phones.