We got all excited when the Samsung Galaxy S III 4G was announced for Australia, not just because of the fast speeds, but also because it will ship with Android 4.1.1, also known as Jelly Bean. This morning, a vulnerability was discovered in Samsung’s TouchWiz UI that factory resets the phone without asking for confirmation. Samsung says it was fixed in the Android 4.0.4 release, so why is it working on this 4.1.1 handset?
Here’s how it works:
A USSD code, or Unstructured Supplementary Service Data code, is used by carriers to trigger commands on your phone. If you’ve ever recharged prepaid phone credit or looked up your IMEI number through your phone app, you’ve used USSD.
This particular code isn’t anything out of the ordinary, either. The problem is that when you type it in to trigger a factory reset, the device is meant to stop before it executes the command and ask if you’re sure. That’s what’s missing here — confirmation. That means that anyone can show their friends a “cool trick” or social engineering can be deployed to lure people into resetting their phones.
Samsung says that the issue was fixed in Android 4.0.4, a maintenance release for Ice Cream Sandwich. The handset we tested it on is running Android 4.1.1 Jelly Bean, so why is it working?
We’ve reached out to Samsung for comment, but until then, don’t click on any codes you aren’t sure of.