Windows Phone suffers critical SMS attack

SMS attacks aren't just for Android and iOS devices anymore. WinRumors has reported a critical flaw in Windows Phone 7.5 that allows attackers to disable a device by carrying out a denial-of-service (DoS) attack via SMS.

The flaw was first discovered by WinRumors reader Khaled Salameh, who reported it to them last Monday, and it has been reported to Microsoft. As of now, though, there's no fix or workaround to fix the issue.

The attack, which isn't device specific, works by simply sending an SMS to a Windows Phone user. The device will reboot and the messaging hub will not work, and it can also be triggered if a user sends a message through Facebook chat or Windows Live Messenger.

Worse, it affects other parts of the operating system as well. If you have a friend pinned as a live tile on your device, and that friend posts a particular message on Facebook, then the live tile will update and cause the device to lock up. Luckily, there is a workaround for this particular issue, since you have a small amount of time when you first cut the device on to get past the lock screen and get rid of the live tile before it can flip over and start causing problems.

You can also be thankful that the flaw is not security related. It seems to just be a bug with the way Windows Phone handles messaging, rather than anything more sinister. iOS 3.0 suffered from a much more dangerous SMS flaw, which allowed hackers to take total control over the device. If your device is affected, it looks like the only option you have right now is to do a hard reset and wipe the device, but since it's such a serious problem, there's a good chance that we'll be seeing a patch from Microsoft very soon.

See it in action below, courtesy of WinRumors:

Report a problem with article
Previous Story

Netflix stock price rises thanks to Verizon buyout rumors

Next Story

The annoying things about Ice Cream Sandwich

107 Comments

Commenting is disabled on this article.

I would call it an attack if it was already spreading in the wild... this is more like discovery of an attack vector... not an actual attack...
& the people who discovered it have privately reported it to MS... so no need for the fear mongering either...

these "armature" editors have started giving Neowin a bad sheen of late... time to stop these FUD headlines about anything and everything.

wixostrix said,

Months? Yeah probably.

Like the last security update that was released within 1 and a half months? This is more major than that aswell.

Xerax said,
Like the last security update that was released within 1 and a half months? This is more major than that aswell.

C'mon, I'm clearly a Microsoft fan, but it doesn't mean I can't poke fun at them here and there.

wixostrix said,

C'mon, I'm clearly a Microsoft fan, but it doesn't mean I can't poke fun at them here and there.

I thought you were being serious. My bad xD

Xerax said,
I thought you were being serious. My bad xD

Np, I just thought the same thing on another post when the person was too being sarcastic, lol.

It's a bug that makes the phone crash. Cool story, non-event if they can push out a quick enough fix. If i get nailed I will have to say that ONE crash in over a year and a half aint bad at all. But it hasn't happened yet. I'll be ready to complain once a mass attack hits. I mean you gotta believe if there are junk emailers there have to be junk txters as well.

How come anybody saying 'its not even critical' is a WP fanboy? Its not critical lol my HTC Desire crashes sometimes, and more frequently runs out of RAM (clearing it doesnt work) and needs a reboot and I dont care. Having to reboot a WP is

Kinda unrelated, but isn't it about time the SMS dies already? Charging cents for a 160 char string is moronic.

They sure might come handy at times, but if supporting the SMS infrastructure is so expensive that warrants such a per kb price discrepancy compared to 3G then maybe telcoms should consider improving the underlaying technology.

My guess is that the support cost isn't that high and telcoms are just clinging to their classic sources of revenue.

I know this is OT, but SMS bugs are always worrying (even while it's not the case with this one) as you can potentially get a huge bill out of them. It's an unnecessary attack vector to my wallet.

Voice of Buddy Christ said,
I find it hilarious that this comes the same day you guys report on Microsoft giving away Windows Phones to people tired of Android issues. I'd call it karma.

MS did the same when RIM had it's blackberry service outage, it's not exactly new on their part.

Oh my goodness gracious me, the sensationalism of the article title is unbelievable.
When I saw it I was genuinely worried that there was some sort of virus attack BUT NO it is nothing more than a bug in the SMS output which will undoubtedly be fixed.

Neowin, don't go the way of Pocketnow with your Windows Phone bashing.

Most android fanboys don't even care about Windows Phone issues (probably too busy fighting Apple fans), but the rare few that do care will probably send SMS to their WP friends (if they can find any).

---

tuneslover said,
WTF. By the way what's the message? I wan't to send one.

I think they are keeping it private until MS releases a fix

when you first cut the device on to get past the lock screen

Sounds like an extreme way to unlock your phone to me, I guess it beats a slide to unlock lawsuit though

yowan said,
One more reason to use Android

After seeing and working to remove Androids fatal flaws and various malware attacks on many of our corporate Android devices, and ease for hackers to retrieve personal/corporate information, WP7/7.1 looks rock solid compared... Unlike Google, Microsoft and its OEM's will have this sorted and all handsets patched in no time at all... Our WP7 devices have been 100% perfect other than a battery failure or two..

rxsoob said,

After seeing and working to remove Androids fatal flaws and various malware attacks on many of our corporate Android devices, and ease for hackers to retrieve personal/corporate information, WP7/7.1 looks rock solid compared... Unlike Google, Microsoft and its OEM's will have this sorted and all handsets patched in no time at all... Our WP7 devices have been 100% perfect other than a battery failure or two..

+1

yowan said,
One more reason to use Android

Yes, because this clearly makes all of the security flaws, fragmentation, and update issues of the Android platform just go away... /sarcasm

The whole "MS giving out phones to affected Android users" was due to malware. This SMS bug isn't malware. It's a bug with how the messages are dealt with in the operating system. Oh and iOS and Android have also had SMS bugs and problems in the past, so no point going on about that.

I am a happy Android user, but even I will admit there's a malware epidemic in the Marketplace. Microsoft, however, doesn't have much ground to stand on either: Just getting enough people to use their damn phone is stressful enough, but having an SMS attack on it doesn't help. If Microsoft really wants to be the leader in smartphones, they need to pick up their game and start acting like they're serious. Right now, it seems like they're playing catch-up.

PmRd said,
Stop bashing, develop your own phone OS if you're so smart. You people need to get a life.

simple text message killing a so-called cutting edge os. gee. how freaking hard can that be?

Albert said,

simple text message killing a so-called cutting edge os. gee. how freaking hard can that be?

Looks like you know everything (/s) about mobile OSes, so just reread this:
Stop bashing, develop your own phone OS if you're so smart. You people need to get a life.

Or even better, just look at the flaws iOS and Android have had in the past :\

PmRd said,
Stop bashing, develop your own phone OS if you're so smart. You people need to get a life.

Ooooooohhh hit a nerve there did it?

Albert said,

simple text message killing a so-called cutting edge os. gee. how freaking hard can that be?

Have you done software developing before? **** happens when you add or change something, the QC/beta-testing net tries to trap them before it get released to public.

Nothing is perfect. QC and testing will never be perfect.

Albert said,

obviously you are too full of sheet to understand simple sarcasm. i guess that's how you spent your pathetic life. huh?

Prepare to get banned if you keep on telling your lifestory.

recursive said,

Ooooooohhh hit a nerve there did it?

How cute of you to notice something while totally missing the point.

I love how some of you are jumping on the hate wagon over one critical bug. Somehow that justifies any security issues previously found in iOS or Android. Not.

xiphi said,
I love how some of you are jumping on the hate wagon over one critical bug. Somehow that justifies any security issues previously found in iOS or Android. Not.
its bitter sweet considering the wp7 fanboys constantly rip on android.

xiphi said,
I love how some of you are jumping on the hate wagon over one critical bug. Somehow that justifies any security issues previously found in iOS or Android. Not.

Isn't that the same thing all you windows phone fanboys on this site do when a problem with andriod makes the news? Even if it's a problem specific to the hardware manufacturer. You guys still trip over each other to chime in "haha android sux" "clean up your crap google" "I'm so glad I dont have to worry about this stuff on my wonderful WP7"

Don't include me amongst the "windows phone fanboys". I don't even own a Windows Phone. lol

Regardless of OS, exploits are no laughing matter.

xiphi said,
I love how some of you are jumping on the hate wagon over one critical bug. Somehow that justifies any security issues previously found in iOS or Android. Not.

It's not about jumping on any bandwagon. It's about Microsoft opening their silly mouth and OPENLY pointing a finger at other platforms for their issues, when in reality they're no better and have their own. It's just fun watching karma backhand all of these companies for making absolutely horrible business decisions lately.

nekkidtruth said,

It's not about jumping on any bandwagon. It's about Microsoft opening their silly mouth and OPENLY pointing a finger at other platforms for their issues, when in reality they're no better and have their own. It's just fun watching karma backhand all of these companies for making absolutely horrible business decisions lately.

You're comparing apples to oranges and doing a silly job of it. How is malware/viruses and complete phone takeover the same as a SMS BUG that's not even bing activly used/attacked? I know you want to make this seem the same so it can probably help justify all the problems on your platform of choice but it's hardly the same, not even close to the same actually.

GP007 said,

You're comparing apples to oranges and doing a silly job of it. How is malware/viruses and complete phone takeover the same as a SMS BUG that's not even bing activly used/attacked? I know you want to make this seem the same so it can probably help justify all the problems on your platform of choice but it's hardly the same, not even close to the same actually.

Except I'm not comparing apples to oranges. I don't need to justify anything. I've been on the Android platform for almost 2 years and not once have I ever had any malware issues. I never once said malware = SMS bug. What I said was, it serves Microsoft right for publicly pointing the finger at it's competitor when in reality, they should be concerned with themselves and their own issues. I know you want to make this seem like you're smarter than I am, probably so you can justify waving your epeen around, but I'm sorry you failed.

nekkidtruth said,

Except I'm not comparing apples to oranges. I don't need to justify anything. I've been on the Android platform for almost 2 years and not once have I ever had any malware issues. I never once said malware = SMS bug. What I said was, it serves Microsoft right for publicly pointing the finger at it's competitor when in reality, they should be concerned with themselves and their own issues. I know you want to make this seem like you're smarter than I am, probably so you can justify waving your epeen around, but I'm sorry you failed.

That's cute, but i'm not waving any epeen around. Going on about karma and stupidity when this very minor issue is nothing like what MS openly pointed out as a major problem on android. So, hey, you've never hand a malware attack on android, that's good for you, but guess what, how many people have been hit with this SMS bug on WP? The point is this is hardly the same and any MS badmouthing is more than fair. It's not like others don't do the same.

GP007 said,

That's cute, but i'm not waving any epeen around. Going on about karma and stupidity when this very minor issue is nothing like what MS openly pointed out as a major problem on android. So, hey, you've never hand a malware attack on android, that's good for you, but guess what, how many people have been hit with this SMS bug on WP? The point is this is hardly the same and any MS badmouthing is more than fair. It's not like others don't do the same.

I don't ever recall saying "it was the same". Quit putting words in my mouth. Microsoft is stupid for opening it's mouth about issues competitors are facing. Plain and simple. The same would be said about ANY of the competitors. If you're incapable of understanding that, it isn't my malfunction, it's yours. You're attempting to paint me with a fanboy brush....except I'm not a fanboy as I see the issues on all fronts. Doesn't mean I don't find it funny that karma is starting to bitch slap these companies for playing dirty.

nekkidtruth said,

I don't ever recall saying "it was the same". Quit putting words in my mouth. Microsoft is stupid for opening it's mouth about issues competitors are facing. Plain and simple. The same would be said about ANY of the competitors. If you're incapable of understanding that, it isn't my malfunction, it's yours. You're attempting to paint me with a fanboy brush....except I'm not a fanboy as I see the issues on all fronts. Doesn't mean I don't find it funny that karma is starting to bitch slap these companies for playing dirty.

You? A fanboy? I can't even imagine. The nerve of people calling you that...

In reality, though GP007 has stated this repeatedly and for whatever reason you're choosing to ignore it entirely (Kind of like a *pause* fanboy would... Hm...), this is a completely different issue. First, it's ONE flaw in WP7 that I'm sure will be updated soon. It is NOT malware as you've tried several times here to imply, and Microsoft was pointing out a legitimate issue with the Android platform. It is HARDLY the same.

Here's what I really don't understand though. I read Android news just as I read WP7 news. I may post a comment every once in a while, but I have never spammed the comments of a news story with the kind of troll vitriol that "certain individuals" feel the need to do for WP7 news stories... NOR do I see any other individual that takes the time to do so on Android stories. I just do not know how you find the time or the motivation honestly. I think it's a sickness...

M_Lyons10 said,

You? A fanboy? I can't even imagine. The nerve of people calling you that...

In reality, though GP007 has stated this repeatedly and for whatever reason you're choosing to ignore it entirely (Kind of like a *pause* fanboy would... Hm...), this is a completely different issue. First, it's ONE flaw in WP7 that I'm sure will be updated soon. It is NOT malware as you've tried several times here to imply, and Microsoft was pointing out a legitimate issue with the Android platform. It is HARDLY the same.

Here's what I really don't understand though. I read Android news just as I read WP7 news. I may post a comment every once in a while, but I have never spammed the comments of a news story with the kind of troll vitriol that "certain individuals" feel the need to do for WP7 news stories... NOR do I see any other individual that takes the time to do so on Android stories. I just do not know how you find the time or the motivation honestly. I think it's a sickness...

Never once said it was malware. Never once said Android was perfect. Never once said or implied they were the exact same issue. Learn to read, please.

I'm not ignoring anything. I have repeatedly stated that they are not the same issue. When you're done swooping in like a *pause* fanboy, you might want to stop and actually read the words in my comments. Just saying. If you want to be angry because I'm calling out how funny it is that Microsoft got bitchslapped by karma, that's fine. I'm sorry you don't find this SMS bug to be a "legitimate issue". Also, for the record....pot, kettle called. He wants his black back. You have your "sickness".

The fact that Microsoft attempted to call out Android for it's "malware" just as a critical issue is found on their own platform, makes me smile. Idiots.

nekkidtruth said,
The fact that Microsoft attempted to call out Android for it's "malware" just as a critical issue is found on their own platform, makes me smile. I'm an idiot.

Yes, because this has anything to do with malware.

nekkidtruth said,
The fact that Microsoft attempted to call out Android for it's "malware" just as a critical issue is found on their own platform, makes me smile. Idiots.

Yea because 100% of Android devices have malware on them /s

Coi said,

Yes, because this has anything to do with malware.

I never said it did. However, I can't be responsible for whatever assumptions/deductions you make in your head. Incorrect or not.

SharpGreen said,

Yea because 100% of Android devices have malware on them /s

I know right?

nekkidtruth said,
The fact that Microsoft attempted to call out Android for it's "malware" just as a critical issue is found on their own platform, makes me smile. Idiots.

Not really critical, do you know what SMS code/text is needed to do this? Does it give complete control of your phone over to some hacker like a malware/virus filled app would do? No and No, important to fix, yes, critical security concern, not really.

Besides do you get SMS spam on your phone or something? THe only people I get sms's from are my carrier and friends.

GP007 said,

Not really critical, do you know what SMS code/text is needed to do this? Does it give complete control of your phone over to some hacker like a malware/virus filled app would do? No and No, important to fix, yes, critical security concern, not really.

Besides do you get SMS spam on your phone or something? THe only people I get sms's from are my carrier and friends.

Please read the article. This "not really critical" bug enables one to not only knock out SMS functionality, but can also lock up the device. Pretty sure that falls under "critical". Regardless of WHO you get text messages from, the fact remains this is a critical issue.

nekkidtruth said,

Please read the article. This "not really critical" bug enables one to not only knock out SMS functionality, but can also lock up the device. Pretty sure that falls under "critical". Regardless of WHO you get text messages from, the fact remains this is a critical issue.

It reboots the device and only knocks out the messaging hub, your phone isn't bricked, it's not infected and leaking your data online or taken over and used, a simple reset and it's fixed. It's a pain to reset but since WP is setup the way it is (and i've done this personally) a reset isn't any type of huge loss data wise.

It's also not being actively used to attack people so critical it's not, it'd be rated as important.

nekkidtruth said,

Please read the article. This "not really critical" bug enables one to not only knock out SMS functionality, but can also lock up the device. Pretty sure that falls under "critical". Regardless of WHO you get text messages from, the fact remains this is a critical issue.


ZOMG! My device locks up! Hmm, let's reboot it.. Solved!
If you call this a CRITICAL issue, shouldn't you call malware on Android that reads / sends your messages / history, drains battery, and a lot more UBER SUPER MEGA ULTRA critical?

SharpGreen said,

Yea because 100% of Android devices have malware on them /s

Well they have Carrier IQ, so in a way yes they all have malware.

GP007 said,

It reboots the device and only knocks out the messaging hub, your phone isn't bricked, it's not infected and leaking your data online or taken over and used, a simple reset and it's fixed. It's a pain to reset but since WP is setup the way it is (and i've done this personally) a reset isn't any type of huge loss data wise.

It's also not being actively used to attack people so critical it's not, it'd be rated as important.

Clearly we differ on what "critical" is. A bug that locks up the device, is critical. The device CAN'T be used until it's reset/rebooted. That's critical. If plane engines lock up mid-flight, that's critical. If a computer system goes down in Wallstreet mid-trade, that's critical. If my phone locks up mid-anything, that's critical. You're welcome to believe otherwise, but the reality is this bug stops the device from doing what it's suppose to do. Can it be fixed by a simple reboot? No. You can bypass the bug with a simple reboot, until the bug is triggered again. In the end, it doesn't matter what you or I think.

Coi said,

ZOMG! My device locks up! Hmm, let's reboot it.. Solved!
If you call this a CRITICAL issue, shouldn't you call malware on Android that reads / sends your messages / history, drains battery, and a lot more UBER SUPER MEGA ULTRA critical?

I lol'd cause you're so ridiculous.

nekkidtruth said,

I never said it did. However, I can't be responsible for whatever assumptions/deductions you make in your head. Incorrect or not.

You CLEARLY were trying to imply that. Only to retract it and say that everyone misunderstood when you were called on your uneducated post? Come on now, let's man up and act like adults. Take responsibility for your words...

Enron said,

Well they have Carrier IQ, so in a way yes they all have malware.

Really? Verizon doesn't use CarrierIQ. My Android is on Verizon. Your statement is 100% FALSE. Please get your facts straight. PATHETIC!

nekkidtruth said,

Clearly we differ on what "critical" is. A bug that locks up the device, is critical. The device CAN'T be used until it's reset/rebooted. That's critical. If plane engines lock up mid-flight, that's critical. If a computer system goes down in Wallstreet mid-trade, that's critical. If my phone locks up mid-anything, that's critical. You're welcome to believe otherwise, but the reality is this bug stops the device from doing what it's suppose to do. Can it be fixed by a simple reboot? No. You can bypass the bug with a simple reboot, until the bug is triggered again. In the end, it doesn't matter what you or I think..

*sigh* Maybe you should watch the video or something, the device isn't locked the only thing that doesn't work is the messaging hub, the rest of the phone works fine until you do a reset. It's not as critical as you want to make it seem/sound. And again, this sms bug isn't being attacked, there's no info to show it is, it's just not critical.

Maybe you don't fully understand the scope or the effect of the bug I guess.

Enron said,

Well they have Carrier IQ, so in a way yes they all have malware.

Only in a free countries (US, I think also Japan... anyone else? ) and even on those only with certain carriers.

So yeah... no.

ichi said,

Only in a free countries (US, I think also Japan... anyone else? ) and even on those only with certain carriers.

Autocorrection does funny things when writting in a foreign language. I meant "few countries".

So yeah... no.


GP007 said,

*sigh* Maybe you should watch the video or something, the device isn't locked the only thing that doesn't work is the messaging hub, the rest of the phone works fine until you do a reset. It's not as critical as you want to make it seem/sound. And again, this sms bug isn't being attacked, there's no info to show it is, it's just not critical.

Maybe you don't fully understand the scope or the effect of the bug I guess.

Just asking what is the restart thing you all are talking about? If you can factory reset to fix it, all Android malwares can also be fixed with just a simple reset? So I guess it is not a problem after all

tanjiajun_34 said,
Just asking what is the restart thing you all are talking about? If you can factory reset to fix it, all Android malwares can also be fixed with just a simple reset? So I guess it is not a problem after all

I never said restart, I said reset which is what you bring up but in the case of WP7 since everything (except for sms messages, heh) are all synced off of the phone so a simple reset isn't much of a loss, just takes some time to reinstall your apps, but the web marketplace has your app history so it's easy to do.

M_Lyons10 said,

You CLEARLY were trying to imply that. Only to retract it and say that everyone misunderstood when you were called on your uneducated post? Come on now, let's man up and act like adults. Take responsibility for your words...

Please learn to read. I did not say or imply that Microsoft had malware, or that the SMS bug was "the same" as malware. What I did say was:

The fact that Microsoft attempted to call out Android for it's "malware" just as a critical issue is found on their own platform, makes me smile. Idiots.

I'm not sure which part of the english language you speak, but in mine I simply pointed out that Microsoft shouldn't be pointing fingers. Period. Doesn't matter WHAT the issue is. Thank you, come again.

GP007 said,

*sigh* Maybe you should watch the video or something, the device isn't locked the only thing that doesn't work is the messaging hub, the rest of the phone works fine until you do a reset. It's not as critical as you want to make it seem/sound. And again, this sms bug isn't being attacked, there's no info to show it is, it's just not critical.

Maybe you don't fully understand the scope or the effect of the bug I guess.

Please allow me to enlighten you. Since you are incapable of actually reading the above article:

Worse, it affects other parts of the operating system as well. If you have a friend pinned as a live tile on your device, and that friend posts a particular message on Facebook, then the live tile will update and cause the device to lock up.

Pretty sure it says "cause the device to lock up". Are we done yet? Cause it's not me who's unable to understand the "scope of this bug", I guess.

nekkidtruth said,

Please allow me to enlighten you. Since you are incapable of actually reading the above article:

Pretty sure it says "cause the device to lock up". Are we done yet? Cause it's not me who's unable to understand the "scope of this bug", I guess.

And you unpin the live tile so it doesn't lock up when it updates, problem solved easy, then just reset and it's fixed. d00m! The sky is falling! And again, do you know the character set/message needed to make this work? Does anyone? Is it being actively used and attacked? No to all, thus not critical!

nekkidtruth said,

Please learn to read. I did not say or imply that Microsoft had malware, or that the SMS bug was "the same" as malware. What I did say was:

The fact that Microsoft attempted to call out Android for it's "malware" just as a critical issue is found on their own platform, makes me smile. Idiots.

I'm not sure which part of the english language you speak, but in mine I simply pointed out that Microsoft shouldn't be pointing fingers. Period. Doesn't matter WHAT the issue is. Thank you, come again.

Sigh... dude, you were implying that WP has security issues because you compared both in the same sentence. If you really wanted to say something like "Microsoft shouldn't be laughing at Android malware woes when they have their own critical bugs to deal with", then you have to amend your original sentence.

By the way, there's no "part of the english language" (please capitalize the E in "English") so obviously you're the one needing education here. However I understand that not everyone has English as their first tongue (it isn't for me too) so... let's work hard on this!

GP007 said,

And you unpin the live tile so it doesn't lock up when it updates, problem solved easy, then just reset and it's fixed. d00m! The sky is falling! And again, do you know the character set/message needed to make this work? Does anyone? Is it being actively used and attacked? No to all, thus not critical!

So, not using a function the phone was designed to use, because it's bugged and causes the phone to lock up, is not critical? Uh no. YOU may not find it critical, which is fine. Your choice. I however, find it critical. Good bye.

resol612 said,

Sigh... dude, you were implying that WP has security issues because you compared both in the same sentence. If you really wanted to say something like "Microsoft shouldn't be laughing at Android malware woes when they have their own critical bugs to deal with", then you have to amend your original sentence.

By the way, there's no "part of the english language" (please capitalize the E in "English") so obviously you're the one needing education here. However I understand that not everyone has English as their first tongue (it isn't for me too) so... let's work hard on this!

If you say so....oh wait...no. Just because that's how YOU read it, does not make it so. I've repeatedly explained my position and how my comment was MEANT to be taken. The onus on is on you to understand that given all of the information. Not on me. I've done my part.

nekkidtruth said,

I lol'd cause I'm so ridiculous and can't provide any argumentation so I just start pointlessly insulting people.


Fixed.

Coi said,

Fixed.

That's because you're under the incorrect assumption that this is an argument. I simply stated my opinion that Microsoft should mind it's own issue before publicly pointing the finger at their competitors. Apparently, the MS fanboys are a bit rabid and butt hurt. I can't help it if Windows Phone sucks, maybe you should direct your anger where it belongs. Microsoft.

nekkidtruth said,

I simply stated my opinion that Microsoft should mind it's own issue before publicly pointing the finger at their competitors.

Yes you did, and I also agree with that, but you also stated that this was a "CRITICAL ISSUE". Then I replied saying it was certainly not a 'critical' issue compared to what we see on other operating systems, and you just replied with me being ridiculous.

nekkidtruth said,

the MS fanboys are a bit rabid and butt hurt. I can't help it if Windows Phone sucks

From my experience, people are only butthurt if they start stating their opinions as a fact. So better rephrase that 2nd sentence.

Also, I don't want to start any childish fight here. Sorry if I subconsciously insulted you.

smooth3006 said,
Lmao...

Why? iOS and Android have previous had security flaws with SMS; they probably still have some that haven't been found yet.

Callum said,

they probably still have some that haven't been found yet.

The same holds for WP. Thing is Android folks admit their system isn't perfect for everyone, unlike the WP fans who continue to blindly defend their sinking ship..

recursive said,

The same holds for WP. Thing is Android folks admit their system isn't perfect for everyone, unlike the WP fans who continue to blindly defend their sinking ship..

Yes, one minor bug, first one found, and the sky is falling!

xTdub said,
So, is it flooding the phone with texts or is it a malformed SMS that causes the issue?

It's not a flood, it's a bug in parsing certain text. A bug which has resulted in far more serious flaws for iOS and Android in the past. It is also currently a private bug and not in the wild.

The only "attack" happening here is the authors sensationalism. If you want to read real journalism on this topic see: http://www.wpcentral.com/windo...bug-disabling-messaging-hub

funkydude said,

It's not a flood, it's a bug in parsing certain text. A bug which has resulted in far more serious flaws for iOS and Android in the past. It is also currently a private bug and not in the wild.

The only "attack" happening here is the authors sensationalism. If you want to read real journalism on this topic see: http://www.wpcentral.com/windo...bug-disabling-messaging-hub

Thanks. That's a good article on the subject.

Crender said,
Just a couple of hours after the article about windows phone bagging android. lulzzz

Karma. LOL. Google should respond. Maybe show a Windows Phone with BSoD?

Crender said,
Just a couple of hours after the article about windows phone bagging android. lulzzz

Was thinking about this when I read the title. And as UndergroundWire said, Karma stings doesn't it MS?

SteelToast said,

Was thinking about this when I read the title. And as UndergroundWire said, Karma stings doesn't it MS?

little to do with karma

UndergroundWire said,

Karma. LOL. Google should respond. Maybe show a Windows Phone with BSoD?


windows phone with BSoD ? where have you been ? clearly not earth

UndergroundWire said,

Karma. LOL. Google should respond. Maybe show a Windows Phone with BSoD?

Oh, lockup and freeze is a "feature" of Android, not WP...

Morden said,

Oh, lockup and freeze is a "feature" of Android, not WP...

Read the article. There is a shoddy port for WP available if you have the 'right' friends on FB.

Did you actually read the article? It's actually a fairly minor flaw compared to most of the other issues Android suffers from. Having a cute little mascot doesn't make a product great. At the end of the day, Android is simply Windows Mobile with a Linux core and widgets.

Crender said,
Just a couple of hours after the article about windows phone bagging android. lulzzz

Anthony S said,
Having a cute little mascot doesn't make a product great.

I've always liked Microsoft's Windows Flag. But on some of their products, it looks more like a Surrender Flag. With bad product management of Windows Phone and let's not forget the Zune hardware.

I love how all the google fanboys use this to 'feel' better about their insecure android phone At the ends of the day, this problem is probably already contained because unless you know what the secret code is, you can't harm a windows phone. The guy that does already reported to ms for a fix.

Meanwhile, android is still suffering from things like Carrier IQ, malware, viruses, and laggy battery craving os.

flexkeyboard said,

Meanwhile, android is still suffering from things like Carrier IQ, malware, viruses, and laggy battery craving os.

Carrier IQ is not android specific. The latest release is not laggy or battery craving. Its like saying Microsoft 3.1 was a terrible OS that didnt support multi core processors or 32 bit colour. No **** sherlock. Its old!

flexkeyboard said,
I love how all the google fanboys use this to 'feel' better about their insecure android phone At the ends of the day, this problem is probably already contained because unless you know what the secret code is, you can't harm a windows phone. The guy that does already reported to ms for a fix.

Meanwhile, android is still suffering from things like Carrier IQ, malware, viruses, and laggy battery craving os.

I love the how all the Microsoft fanboys (yes, YOU!) are the exact opposite. Congratulations.

flexkeyboard said,
I love how all the google fanboys use this to 'feel' better about their insecure android phone At the ends of the day, this problem is probably already contained because unless you know what the secret code is, you can't harm a windows phone. The guy that does already reported to ms for a fix.

Meanwhile, android is still suffering from things like Carrier IQ, malware, viruses, and laggy battery craving os.

It's not about "fan" that makes people upset, it's about over protection... you feel on the defense because Windows phones are the minority. I JUST switch from Windows mobile to droid, after being a HUGE Windows mobile fan for the last 10 or 12 years. They ALWAYS attack Windows and Microsoft, this is NOT new. I know it's getting "old" to keep putting Windows products on the defensive. I ditched Windows mobile basically because Steve Balmer is a COMPLETE idiot, don't have ANY faith in Windows or Microsoft at this point.

Also your point about "secret code" doesn't exist, don't know where you got that, but that is INCORRECT information, there is "secret code" for Windows. ANY (and I want to make this PERFECTLY clear) ANY phone can and *IS* attacked. It's not even a reflection on the product or the OS itself.. it's USERS that make a device vulnerable. Because people are lazy and don't want to follow simple rules like setting a lock screen password or protecting your phone like leaving the bluetooth on or connecting to any WiFi within range without knowing the RISKS!

This latest version of SMS attacks is more about SMS in general anyway, so stop being defensive. Yes Droid does have Carrier IQ, and my phone does have it.. but guess what? Phone companies do NOT need the put a device to spy on you.. hate to burst your bubble.. The phone companies ALREADY have a way in, it's called THEIR NETWORK. They ALREADY have GPS, data, phone calls, SMS texts info, the device software is to gauge HOW the devices react to the network. I know you don't believe me, I don't care.

ATT, Verizon, Sprint, T-moble, and ANY carrier in the world spies on every users phone and data behavior at ALL times. We can get into the argument about make this information available to the governments all day, but whether or not your device has such software does NOT prevent them from getting what they need.

Read the fine print and damn agreement you signed when you joined your carrier.. you ACCEPTED it now live with it.

flexkeyboard said,
I love how all the google fanboys use this to 'feel' better about their insecure android phone At the ends of the day, this problem is probably already contained because unless you know what the secret code is, you can't harm a windows phone. The guy that does already reported to ms for a fix.

Meanwhile, android is still suffering from things like Carrier IQ, malware, viruses, and laggy battery craving os.

I like how the WP users are turning into the new iSheep and continuing to live in denial even when their house is burning.

recursive said,

I like how the WP users are turning into the new iSheep and continuing to live in denial even when their house is burning.

An SMS that reboots a phone, but causes no damage or security breach, and WP7 users should be crying? Really?

Wow, that is about the dumbiest thing I've seen today.

A Denial of Service, or overload attack that offers NO WAY to execute code or gain access to a device is worthless. It would be like me driving by your house with a universal remote and flipping off your TV.

Additionally, if the SMS is actually 'malformed' or being 'spammed' the carrier should be catch it, and it shouldn't be getting to the phone.

If I call your landline with a computer dialer 1000 times a minute, it no longer will work, should you be concerned that your home is being invaded and your 1970s telephone isn't 'secure'...

Really?

Give me your IP or Phone Number of your Android or iOS, and I can have a tech here do more than reboot your phone...