Bug gives access to WiFi passwords on certain HTC handsets

• Kevin Krause
• 12 years ago

HTC has had its fair share of security problems over the past few months, and the manufacturer is coming clean about yet another potential data leak. Certain HTC phones contain a bug that allows third-party apps with android.permission.ACCESS_WIFI_STATE enabled can gain easy access to a users WiFi network info, including password. The exploit was discovered back in September, but the folks who discovered it haven’t gone public with their info until today. HTC is brushing the issue, which affects handsets from the Desire HD and Droid Incredible to the Sensation and EVO 3D, off as a minor one.

A number of affected handsets have already received a fix for the problem as part of regular software updates over the past several months, but some will need to have a fix manually installed. HTC plans to release more info about how users can accomplish this task next week.

[via The Verge]