After confirming just over two weeks ago a critical SMS attack vulnerability in Windows Phone 7 devices was possible, Microsoft is now reportedly testing a fix to the flaw that was first discovered by Khaled Salameh earlier this month. “[Microsoft's] Security Team contacted me today, they’ve confirmed the WP7 SMS Bug and found the root cause, a fix is currently under testing,” Salameh tweeted on Wednesday.
Just to recap, the flaw is in the Windows Phone 7.5 (or "Mango") operating system. If someone discovered the exploit, they could use it to disrupt a Windows Phone device via a SMS-based attack.
So far there's been no details about how exactly this SMS flaw works to disable Windows Phone. It also doesn't appear to affect any security features. However, it's still an annoyance and clearly a issue that Microsoft can and should fix quickly via either an over-the-air update to Windows Phone 7.5 or an update that requires connecting the Windows Phone device to a PC and downloading the fix via the Zune software.
Although there is no word on when the fix will be made available, we expect Microsoft would probably like to nip this one in the bud as soon as possible.