HTC has acknowledged that a software flaw on some of its Android phones means that they openly offer security credentials across the Wi-Fi networks they connect to.
According to The Next Web, there would be nothing to stop someone harvesting the details to use in the future. Apparently the flaw affects the following devices:
Desire HD — Versions FRG83D, GRI40 Glacier — Version FRG83 Droid Incredible — Version FRF91 Thunderbolt 4G — Version FRG83D Sensation Z710e — Version GRI40 Sensation 4G — Version GRI40 Desire S — Version GRI40 EVO 3D — Version GRI40 EVO 4G — Version GRI40
According to HTC, an over-the-air fix is being sent out, but some phones may need a manual update. You can find out more about that by reading their announcement on their support site. [HTC via The Next Web]