Malicious SMS Messages, Facebook Chats Hit Windows Phone

A new attack uses malicious SMS messages to disable the messaging hub on Windows Phone devices, according to researchers.

The SMS message exploits a flaw in how the Windows Phone mobile platform handles messages to trigger a denial-of-service attack that can disable all messaging functionality on the device, WinRumors reported.

Factory reset

A factory reset is the only way to fix the problem and restore access to the messaging hub. The bug, discovered by WinRumors reader Khaled Salameh, has already been reported to Microsoft.

The malicious text causes the phone to reboot and then cuts access to the messaging hub, a centralised area where users can view all text and instant messages received on Windows Phone, according to a video posted on YouTube demonstrating the attack.

The vulnerability can also be triggered by a Facebook chat or a message sent using Windows Live Messenger. The text can also be used to crash the email app, Facebook and hang the entire phone, according to Salameh.

“I have a specific text, that if shared with a Windows Phone 7, will cause (this) device to crash indefinitely!” Salameh posted on Twitter.

The flaw also affects the “live tile” functionality on the operating system. If a user pinned a friend as a live tile and that friend posts a particular type of message on Facebook, the live tile would automatically update and cause the device to lock up, according to WinRumors.

It is not clear what the message’s content has to be to trigger the flaw, but it appears the live tile issue may involve using a “weird font”, according to Salameh’s Twitter feed. The flaw may be XAML-based, but Salameh declined to provide additional details on Twitter, saying, “Disaster if this thing goes to the wild!”

Salameh said the attack does not work on iOS devices, but he was still in the middle of testing Android devices. The same malicious text can also crash various Microsoft programs, including Visual Studio 2010, Expressions Blend and Microsoft Help Viewer, he said.

WinRumors tested the attack on a range of Windows Phone devices, including the HTC Titan and the Samsung Focus Flash. Some devices were running the 7440 version of Windows Phone 7.5 while others were on Mango RTM build 7720, according to the site. The issue does not appear to be device-specific.

Not first – or last

Windows Phone is not the first platform to be hit by text message viruses. Security researcher Charlie Miller discovered a SMS flaw way back in iOS 3.0 that allowed attackers complete control over the iPhone with a malicious text message. Apple closed the flaw in a security update. SMS attacks on Android devices generally knock the phone offline rather than giving remote access or trick users into sending messages to prime rate numbers.

However, the timing of the SMS flaw is a little unfortunate for Microsoft, who is currently in the middle of a free Windows Phone giveaway on Twitter. The marketing campaign, with the Twitter hashtag #droidrage, will give free phones to five people who post the worst stories about their Android experiences on the microblogging site.

“Share your android malware story (there’s lots going around) and you could win a Windows Phone upgrade,” Ben Rudolph, Microsoft’s Windows Phone and Windows PC evangelist, wrote on Twitter. It is not known which of the Windows Phone handsets currently on the market would be part of the giveaway.

The #droidrage campaign was a “somewhat below-the-belt” attempt to highlight the possible security deficiencies of Android rather than the benefits of Windows Phones, Graham Cluley, senior consultant at antivirus firm Sophos, wrote on the Naked Security blog. Microsoft must be pretty happy to “find the malware boot on the other foot for once”, he wrote, referring to how Windows has a bigger proportion of malware targeting the operating system than Unix or Mac systems.