A reader at WinRumous has revealed that Windows Phone 7.5 is prone to a denial-of-service attack. The attack can be launched simply through a malicious text message which shuts down the phone as soon as it reaches the inbox. Upon rebooting the phone, you are no longer able to send messages because the messaging hub becomes inactive and is locked.
How to launch denial-of-service attack?
The denial-of-service attack can be launched through a text message, a message through facebook or even through msn live messenger chat. As soon as the message is received by the device, the device turns off and the messaging hub of the device is also locked. You may think that the problem is device-specific but it has been tested across a number of devices by different companies. And the problem persists. This necessarily means that the security vulnerability lies with the way in which Windows Phone 7.5 handles the messaging hub.
Similar security vulnerabilities have been found by black hat hackers in iPhone and Android phones. Apple and Android device-makers have improved their devices’ security through this feedback. However, Microsoft still hasn’t issued a statement on this current flaw that has been found in Windows Phone 7.5. I must say that one expects lot better, in terms of software, from a company which is world’s leading software giant.
In case such a message does land in your inbox, the only solution is to hard reset the device and then wipe it.
Checkout the video bellow demonstration of the entire process is also available at the site. How exactly the process works?
Image courtesy Kai Kuchiki.