HTC to release urgent security patch
Company admits some smartphones have security flaw, which compromises users’ data
HTC will release an urgent update to fix a security flaw on several of its smartphone models that could leave users' personal information at risk, according to the BBC.
Last week, the Android Police blog found that users'GPS location and call logs could be accessed by net-enabled apps and HTC has admitted that the flaw could be exploited by cyber-criminals.
"HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices," a spokesperson told the BBC.
HTC said that affected users will be immediately notified and will be able to download the security patch over-the-air.
HTC has not yet confirmed which security models are at risk, but rumours suggest it is the EVO 3D, EVO 4G, Thunderbolt and potentially the Sensation range are affected.
Until the security patch is released, HTC is urging users to be cautious when downloading, installing, using and updating applications.
The flaw can let cyber-criminals access a file which contains a users' personal data, including GPS location history, SMS data, phone logs and e-mail accounts.
The company has said that is found no evidence to suggest that this flaw has been exploited, but said that it does pose a threat to users' information.
"In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application. A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability," read a statement by HTC.
The security patch will be released after a period of testing.