We may earn a commission for purchases made using our links.

Besides “don’t download apps from sketchy sources”, one of the big rules of keeping your Android device safe is “think carefully about approving app requests for system permissions”. That latter one can be tricky to encourage, since it requires the user to do a bit of critical thinking at the time of installation; does that Sudoku-solving app you downloaded really need the ability to send SMS messages? The idea is, though, that if you are smart about granting permissions, you can stop malicious apps from taking advantage of you. Sometimes it’s not that simple, and the request of a seemingly innocuous permission can give an app more access to your phone than you’d like. That’s the case here, with news arriving today of an exploit present on certain HTC devices.

The problem on phones affected by this issue is that apps granted the ACCESS_WIFI_STATE permission can do more than simply check on the status of your WiFi connection; these models return such requests with full WiFi password details. An app with both this and internet permissions could, in theory, go about surreptitiously harvesting your stored WiFi network passwords.

Models reported to be affected include the Desire HD, myTouch 4G, Desire S, Sensation, EVO 3D, Droid Incredible, and the Thunderbolt 4G. The good news is that HTC was made aware of this problem a while back, and has been hard at work preparing updates to correct things. Most of these have already been distributed during previous maintenance releases; for the rest, HTC will have manual updates ready in the next week or so. It hasn’t said just which of those phones have already been patched, so we’ll have to wait until next week to learn who still needs to install the fix.

Source: HTC

Via: Android Central

You May Also Like
Snapdragon 865 Plus 5G
Qualcomm Snapdragon 865 Plus 5G Mobile Platform with up to 3.1GHz core clock speed goes official
It supports 4K @ 60Hz and QHD+ @ 144H
iPhone 12 Pro might not offer a 120Hz display after all
As per a fresh leak, we can expect to see a 120Hz display on the 2021 iPhone lineup, but not the iPhone 12 series.
HONOR 9X Pro starts receiving May 2020 security patch in India
Apart from the security patch, there’s not much going on with the new update.