A security flaw was found over the weekend specifically, in regards to HTC’s software found in all their Android devices with their Sense UI. We posted the news earlier today and HTC was quick to respond saying they would look into it. True to their word, after taking a look at the data, they have confirmed the security hole and will begin working with carriers to release an OTA update to patch everything up. HTC issued this statement:
HTC takes claims related to the security of our products very seriously. In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers’ data, there is a vulnerability that could potentially be exploited by a malicious third-party application. A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability.
HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly. During this time, as always, we strongly urge customers to use caution when downloading, using, installing and updating applications from untrusted sources.
The security flaw essentially makes it possible for a malicious app to gain the private information HTC logs, like your coordinates, user account information and system logs. If you thought HTC would drag their feet in dealing with this potentially big issue — well you were wrong. Now we just have to see how well carriers will work with the company in pushing out a speedy update.