HTC has acknowledged that a software flaw on some of its Android phones means that they openly offer security credentials across the Wi-Fi networks they connect to.
According to The Next Web, there would be nothing to stop someone harvesting the details to use in the future. Apparently the flaw affects the following devices:
Desire HD — Versions FRG83D, GRI40
Glacier — Version FRG83
Droid Incredible — Version FRF91
Thunderbolt 4G — Version FRG83D
Sensation Z710e — Version GRI40
Sensation 4G — Version GRI40
Desire S — Version GRI40
EVO 3D — Version GRI40
EVO 4G — Version GRI40
According to HTC, an over-the-air fix is being sent out, but some phones may need a manual update. You can find out more about that by reading their announcement on their support site. [HTC via The Next Web]