Phones running Microsoft’s newly released Windows Phone 7.5 mobile operating system are vulnerable to having their text messaging service’s knees kicked off in a denial of service attack.
The flaw is simple as pie to exploit: An attacker simply sends an SMS to a Windows Phone user. According to WinRumors’s tests, Windows Phone 7.5 devices will reboot, but the messaging hub will fail to load even after multiple attempts.
WinRumors’s Tom Warren reported that they tested the attack on a range of Windows Phone devices, including HTC’s TITAN and Samsung’s Focus Flash, with some of the devices running the 7740 version of Windows Phone 7.5 and others on Mango RTM build 7720.
The bug isn’t fussy about which device you have, Warren says; rather, it comes down to how the Windows Phone messaging hub handles messages. He notes that messages sent via Facebook chat or Windows Live Messenger also trigger the bug.
WinRumors reported that the flaw was discovered by Khaled Salameh, a self-proclaimed “geek” from Jordan who reported it to the blog on Monday.
WinRumors’s Warren says the flaw seeps out to pollute other nooks and crannies in the Windows Phone operating system, as well. To wit:
If a user has pinned a friend as a live tile on their device and the friend posts a particular message on Facebook then the live tile will update and cause the device to lock up. Thankfully there’s a workaround for the live tile issue: at initial boot up you have a small amount of time to get past the lock screen and into the home screen to remove the pinned live tile before it flips over and locks the device.
It’s been a glum few days for smartphone security, and Microsoft is certainly not the only manufacturer to get punched.
According to Computerworld, Google has pulled 22 malicious apps from the Android Market following a spate of malicious game clones.
Apple, for its part, was hit by the “SMS of death” problem, uncovered by security researchers Charlie Miller and Collin Mulliner, way back in 2009.
But while all three major mobile players have suffered mobile OS maladies, not all have cackled so loudly at each other’s affliction as Microsoft did at Google’s expense.
It was Ben Rudolph, Microsoft’s Windows Phone “evangelist,” who recently, gleefully Tweeted the offer for a free Windows Phone for the five tellers of the most succulent tales of Android malware woe.
Hark: the cackling has turned into Microsoft’s own SMS death rattle. As Sophos’s Graham Cluley o-so-crystal-ballishly writes, one mustn’t throw stones if one lives in a glass house.
Woe, o woe, indeed. It would be karmic justice if it weren’t actual users who suffer.
WinRumors is now disclosing the bug to Microsoft in cooperation with Khaled but reported that there doesn’t yet seem to be a workaround to fix the messaging hub, aside from a hard device reset and wiping the device.
Check WinRumors’s post for a video that demonstrates the bug in action.
Creative Commons photo of Windows Phone 7.5 courtesy of Emerson Alecrim’s Flickr photostream.
4 comments on “Windows Phone 7.5 susceptible to SMS hack”
How come SMS ping of death exploits are still around?
It must be at least 15 years since Nokia suffered from them in the 90's. An SMS message is very small, so it ought to be possible to construct a fuzz test suite that will exercise every code path, and give assurance that the SMS stack is not vulnerable.
I agree, this is basic programming. Win Phone 7 promotes itself as one of the most secure mobile OS available. What's the deal?
I remember there was an attack in Symbian Nokia devices called "curse of silence" involving sending of an e-mail in SMS form, with the email address exceeding 32 characters. Is this related with this?
How is this a security flaw? Sounds like a software bug to me.
"An attacker simply sends an SMS to a Windows Phone user." – What does an "attacker" benefit from locking up a user's phone? Nothing.
Shameful reporting to lump this in as the same as Google's issues with malware.