The rather serious security vulnerability discovered in some HTC phones over the weekend raised a couple of eyebrows. Apparently any application which requires internet access permission is able to access sensitive information collected by HTC’s logger application.
The Taiwanese manufacturer made a public statement conclusing “that while this HTC software itself does no harm to customers’ data, there is a vulnerability that could potentially be exploited by a malicious third-party application. A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws”.
HTC promises a quick over-the-air update in order to patch things up which will be delivered to affected phones after a short period of carrier testing. Until then, HTC advises “to use caution when downloading, using, installing and updating applications from untrusted sources”.