HTC Android security flaw acknowledged, fixes due

The Wi-Fi security flaw present in some Android-powered HTC smartphones has been acknowledged by the manufacturer on its support page. When connected to Wi-Fi networks, hackers can take advantage of the flaw to gain security access credentials. The flaw was discovered by researchers Chris Hessing and Bret Jordan and would allow the details to be sent to a remote server on the Internet.

The issue was found on September 7, 2011, but the researchers didn't publicly reveal it as they worked with HTC to fix it. An app would need to be installed that was designed to take advantage of the security flaw, so it's not likely to have been a popular one.

The affected smartphones include the Desire, Droid Incredible, Thunderbolt, Sensation, Sensation 4G, Desire S, EVO 3D, and EVO 4G. The myTouch 3G and the Nexus One don't suffer from the issue.

HTC said it has created a fix for the problem, and maintains some handsets already got the fix through regular software updates. The remaining ones will get a fix next week, though it will need to be downloaded manually. [via The Next Web]

By Electronista Staff