Australia, Samsung | 266 days ago | 3 Comments

Telstra Galaxy S III not affected by URL version of USSD exploit, is affected through dialer


We’ve just done a little test over here at Android Australia to see if the Australian variants of the Galaxy S III are vulnerable to the glitch that has been plaguing the factory reset function.

We tested the glitch on a Telstra-branded Galaxy S III, and it went through the factory reset process when triggered through the dialer. However, when we tested it through the URL version, the result was that the device was not vulnerable and that Telstra/Samsung’s latest maintenance update has fixed the issue.

The guys over at Gizmodo also did a test on their 4G Galaxy S III that runs Android 4.1.1 Jelly Bean. It appears that this version of the SGS3 is also vulnerable to reset via the dialer method.

If you’ve got a Samsung Galaxy S III in Australia, then it is probably safe to assume that your device can be factory reset through the dialer. However, it is likely that newer Galaxy devices (supposedly above Android version 4.0.3) are safe from URL attacks. If you want to check whether your device is in fact vulnerable, head over to our how-to page on the topic.

Written by Josh, the founder of Android Australia. He is an adamant vegan, tech enthusiast and psychology student. He is currently a Google Chromebook Product Specialist and a Student Ambassador. You should probably follow him at +Josh on Twitter or on his personal blog!
  • Cam Charles

    just to nitpick, it's not really a bug/issue/vulnerability that you can reset the device via the dialer, that's the intended functionality, it's just poor UX design to not include a confirmation message before something so monumental as it were

    good to hear some Aussie devices are safe though :)

    • http://androidaustralia.com.au Josh Berg

      Yes, you’re exactly right. The use of the word vulnerability is probably a bit extreme, but a factory reset is cause for extreme measures.

      Through the dialer it is just a poor UI design, but through the URL/QR/NFC it’s a vulnerability.

      • Cam Charles

        ye that's the distinction i was trying to point out, worded better haha