Software bug in Windows Phone Mango crashes handsets, disables Messaging hub

Software bug in Windows Phone Mango crashes handsets, disables Messaging hub
Since Microsoft is giving away free Windows Phone handsets to Android malware victims, one might think that its platform is free of vulnerabilities, but that doesn't seem to be the case. Apparently, all it takes is a text message to be sent to a Mango device for it to start misbehaving.

By sending a text message to a Windows Phone user, an attacker can cause the victim's device to crash. What the text message must contain in order for the bug to be triggered is not clear. Once the smartphone is turned back on again, its Messaging hub becomes inaccessible. Chat messages sent via Facebook or Windows Live Messenger reportedly work as well.

The cause for the bug is said to lie in the way the Messaging hub handles incoming texts. The vulnerability does not appear to be device-specific as it has been replicated multiple times on different Windows Phone handsets, such as the HTC Titan and the Samsung Focus Flash. Besides, both the 7740 and the 7720 build versions of Mango are said to be exposed to attacks.

At this time, the only to get an affected device working again seems to be performing a hard reset. Thankfully, Microsoft has been made aware of the issue, so we hope that a patch gets released soon. Below is a video of the attack in action, so feel free to take a look. 


FEATURED VIDEO

22 Comments

1. bloodline

Posts: 706; Member since: Dec 01, 2011

miscrosoft..bugs...crashes.... no, never! trollface

7. messiah

Posts: 438; Member since: Feb 19, 2010

wasnt there just a story posted about them giving away free windows phones to users with crashing androids??? lol

18. joex2

Posts: 22; Member since: Nov 23, 2011

Coincidence that right? How much does Google spend on hacker's to find vulnerabilities in WP7? From Eric Schmidt can expect everything.

2. Sessanta

Posts: 6; Member since: Oct 11, 2011

Take that windows phone !! Your OS is still buggy and you dare to say that Android is full of malware.. Look at yourself in mirror first !!

6. Uzzelien

Posts: 131; Member since: Feb 22, 2011

Yes and google has said their programs have contained a virus that affected asian phones.

3. anywherehome

Posts: 971; Member since: Dec 13, 2011

5. karanstyle

Posts: 188; Member since: Jun 26, 2011

Fake! its an image and a programmer is not so stupid to tell you move out of the error by pressing Alt+Ctrl+Delete when the buttons dont exist are u....?

8. XiphiasGladius

Posts: 813; Member since: Aug 21, 2011

That image is somewhat a humor attack towards Windows phone via crash notification on PC's, obviously its a fake one. . .

13. anywherehome

Posts: 971; Member since: Dec 13, 2011

thank you, that you recognized it is humour :)

4. SemperFiV12

Posts: 949; Member since: Nov 09, 2010

Apparently you guys did not get that this does not happen with a normal SMS message... Android is full of issues due to the crazy surge of popularity and the open nature of their market / software. Every piece of technology built can have their OS tampered with, just seems not to happen on the WP7 platform. But it is capable, and maybe even too easy... I'm sure MS will act quickly.

9. bayhuy

Posts: 320; Member since: Jun 23, 2011

I miss the good old BSOD (Black Screen Of Death)

10. kamen

Posts: 103; Member since: Jul 18, 2011

I still remember the SMS of death for Nokia handsets. It's neen a long time since messages were deadly for phones, though.

11. Leyjee

Posts: 47; Member since: Feb 25, 2011

This happened to me and is the ONLY bug/imperfection/lag i have ever had on wp7, its the most streamlined system ive ever used. I just restarted my focus.

12. yatmiko

Posts: 37; Member since: Dec 13, 2011

Not only Windows phone having this issue My Galaxy S also having the same issue more then 2 times every weeks my phone suddenly off when it received new message.

14. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Ha! Talk about backfire Well no OS is perfect but i like to laught when they try to play hero and it backfires

15. ivanko34

Posts: 617; Member since: Sep 04, 2011

With Microsoft we must be prepared to a very long endless list of bugs That's a tradition with Microsoft They like so much bugs viruses trojan

16. GJanee

Posts: 214; Member since: Jun 29, 2011

and when did you see a trojan or a virus on wp? small bugs might be, but tell me, that your droid (had trojans, viruses, now malware, plus carrieriq, and so on and so forth with the security threats) or symb device is flawless. i dare ya. :D

17. protozeloz

Posts: 5396; Member since: Sep 16, 2010

CarrierIq is not on Droids as verizon has said they don't use it, Also No Nexus Has CarrierIq and only US versions seem to have Carieriq depending on the Phone Company. So far the security threat is more based on the apps permissions as apps need to ask for permissions to do things. its not like people cant tell what kind of app is going after your stuff just by seeing that a game requires to record your calls or read your messages

20. Penny

Posts: 1844; Member since: Feb 04, 2011

@ivanko34 First of all, this is a vulnerability, not a bug. It just means that WP7 isn't hacker-proof, which no OS is. Second of all, way to be stuck in the past. You're probably still using Windows XP and Windows Mobile 5. Windows 7 and Windows Phone 7 are both excellent operating systems, and there aren't many bugs. Microsoft has some of the most mature software around in general, so this argument is really moot.

19. remixfa

Posts: 14605; Member since: Dec 19, 2008

All devices have vulnerabilities somewhere. Its just ironic that MS was trying to get publicity by giving WP7 phones away to hacked android owners.. .and at the same moment gets caught with their pants down. Irony.. such fun stuff. lol

21. denney

Posts: 98; Member since: Oct 20, 2011

This is not a security risk. Sometimes the code just gets screwed up with certain combinations. One time a place I worked at had an employee profile for a system that crashed for no apparent reason. Everything was formatted multiple times and it still would not work. They checked to make absolutely sure and the coding was exactly as other profiles. The employees name was then changed by one space in the system and everything started working fine. Sometimes completely unrelated things screw up the system.

22. kirksl

Posts: 1; Member since: Apr 16, 2012

Previous Android user. Complaints since moving over. Windows Phone Complaints 1) Live tile counter doesn't work most of the time for HeyTell, Facebook, GChat 2) Skype doesn't work in background mode. Android does. Makes app useless. 3) Messaging doesn't retain unsent text when switching to other app, home screen. Android does. 4) Can't view facebook like I can on my computer. Android does. 5) Reversing white background/black text for "night mode" like Nokia Maps does would be very nice in dark lighting, movie theather, etc. 6) Requires Zune to copy files off, unless emailed. Android solution is better, acts like a hard drive on USB 7) Auto-copy feature of pics to SkyDrive copies a small version of the picture, not the original size 8) Games that are for free on Android/iTunes cost money! Like Angry Birds. 9) Live Toggle Tiles like Connection Tiles don't update their wording when toggling 10) Market may have 10s of thousands of apps but a high number of them are just "hot girl" apps, missing many apps still! 11) Swype option is not available. Slydr option is a joke! 12) Volume hard buttons and Camera button don't always work when screen is off 13) Built-In "Listen for Music" option does not save what I find for music. Might as well just keep using Shazam/Soundhound 14) Scan barcode options should work like Google Goggles too. 15) Nokia Maps doesn't work in offline mode. Map doesn't load.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.