Microsoft Windows phones contain a flaw an attacker can exploit to prevent users from accessing their text messages.
The bug is activated when an attacker sends a rigged text message to a Windows Phone, causing the device to reboot; when it starts up again, the phone buzzes to indicate it has received the message, but it cannot display it. The proof-of-concept hack, shown in a video on WinRumors, affects Windows Phone 7.5 and is not device-specific.
The messaging malfunction can be triggered by a direct text message sent to a targeted phone, or by messages sent through Facebook chat or Windows Live Messenger.
This exploit comes just as Microsoft unveiled a new social marketing campaign, under the Twitter hashtag “DroidRage,” in which the company promises a free Windows phone to the five contestants with the “best” Android malware horror stories.
WinRumors has disclosed the bug to Microsoft, but as of now, there is no fix for the messaging flaw “apart from hard resetting and wiping the device.”