S60 SMS vulnerability resolution and temporary solutions

News source: text/hopelessew @ opda
2009, the beginning of a security nightmare. Since then, Nokia's mobile phones have been killed. Everyone defends themselves. The S60 SMS vulnerability has been confirmed by foreign media.
Nokia's official anti-virus software partner F-Secure also confirmed. F-Secure's mobile phone security software has been able to solve this problem, and launched the FortiCleanUp tool to solve this problem. However, this is temporary. If you have already completed the trick, you need to run this tool every time you restart your mobile phone to receive the information normally.

A new widely risky vulnerability based on the Saipan smartphone operating system was announced yesterday. The vulnerability Tobias Engel called the "Silent text message curse" was discovered and disclosed at the 25th "Chaos Communication Conference.

Chaos Communication Congress is organized by the German Chaos Computer Club. These are all hackers. This year's theme is security nightmare 2009.
This vulnerability can invalidate the SMS function on infected mobile phones. Infected mobile phones cannot receive text messages. Smartphones including UIQ, S60V2 FP2, S60V2 FP3, S60V3, and S60V3 FP1 will be attacked in this way. S60V3 FP2 and S60 V5 will not be infected.

Samu Konttinen, head of F-Secure's mobile division, said: "No technical experience is required to launch attacks. Because of this, there are many risks when it becomes a public hazard. We have provided Security updates to F-Secure Mobile Security users.

F-Secure Mobile Security protects and stops the detected vulnerability and fixes the Mobile phone number, so that users will no longer lose text messages in their inbox.

Simple attacks-it can be used on almost any Nokia phone that has the option of "webmail" short message, including earlier non-smart phones. This makes it possible for people to try and see how it happens. F-Secure said. It warned that the danger of such attacks increases because mobile phone networks also send notifications of new voice emails via text messages. Therefore, the attacked mobile phone can also stop new voice information prompts.

Engel, the vulnerability exposed by the vulnerability, suggests a different way to protect mobile phones. It is recommended that network operators filter out irregular text messages to solve these problems when text messages pass through the SMS Server.

Online storage downloadFortiCleanUp toolDiscussion (Chinese)

If Nokia does not release patches, China Mobile does not know if it will take measures.
Conclusion: Unfortunately, the exclusive killing tool can be used. Or to html ">Http://campaigns.f-secure.com/mobile-security/index.htmlDownload the trial F-Secure scan and repair.

Vulnerability description:Http://www.f-secure.com/v-descs/exploit_symbos_smscurse_a.shtml