Since Microsoft is giving away free Windows Phone handsets to Android malware victims, one might think that its platform is free of vulnerabilities, but that doesn't seem to be the case. Apparently, all it takes is a text message to be sent to a Mango device for it to start misbehaving.
By sending a text message to a Windows Phone user, an attacker can cause the victim's device to crash. What the text message must contain in order for the bug to be triggered is not clear. Once the smartphone is turned back on again, its Messaging hub becomes inaccessible. Chat messages sent via Facebook or Windows Live Messenger reportedly work as well.
The cause for the bug is said to lie in the way the Messaging hub handles incoming texts. The vulnerability does not appear to be device-specific as it has been replicated multiple times on different Windows Phone handsets, such as the HTC Titan and the Samsung Focus Flash. Besides, both the 7740 and the 7720 build versions of Mango are said to be exposed to attacks.
At this time, the only to get an affected device working again seems to be performing a hard reset. Thankfully, Microsoft has been made aware of the issue, so we hope that a patch gets released soon. Below is a video of the attack in action, so feel free to take a look.