Preventing Samsung wipe exploit?

LINK:
http://www.siliconrepublic.com/strategy/item/29393-samsung-exploit-can-wipe/

Is there any possibility for avast! Mobile Security to prevent this kind of exploit? I mean, Samsung is absolute crap when it comes to updates and it seems i’ll be stuck with Android 4.0.3 which is still affected by this exploit. And i realyl don’t want to get my phone wiped.
Can it be done using avast! Mobile Security to prevent this from happening on those unfortunate enough not to get the updates?

I was thinking about this and also have considered to post in blog.
Maybe it will overalert the users.

Can’t avast! Mobile Security block the phone number used to pass the command?

Or Anti-Theft as device admin could prevent this unauthorized action? I hope avast will figure something out, because we are stuck in 4.0.3 with this exploit for a while for sure…

update: we’ll publish an update next week which will allow you to block such stuff.

Can you disclose the technology used for such thing (in general terms of course)?

Hm, there is a prevention for this i just found out. If you are using another dialer app, phone will first ask you which one you want to use for the action.
It’s not exactly normal for dialer to popup when you open an URL. So if you see this dialog while browsing or snapping QR code, you just need to click Back button and you’re saved.

At the moment i’m using exDialer and it works like this. Of course you shouldn’t set one as default, otherwise it would enter the codes directly.

http://forum.avast.com/index.php?topic=106229.0

Haven’t Samsung just announced an update to resolve this vulnerability, I’m sure I have read something about a Samsung update for Android. Unfortunately I can’t remember where I read it.

There are two applications (at least) on Google Play that deals with this phone priority action and protects the user.
Until avast! get it, it’s a solution.

FYI: http://www.h-online.com/open/news/item/Android-control-code-issue-affects-almost-all-manufacturers-1720298.html

OK, maybe I do not need exDialer ??? I have removed default permissions from phone, and as I have Skype installed now I am always asked, use phone or Skype for phone dialing.

Well, for as long as you get that dialog, it doesn’t matter what ap you use. Dialers are just the most obvious ones…

FYI: http://www.geek.com/articles/mobile/samsung-issues-galaxy-s3-fix-for-phone-wipe-vulnerability-20120926/

The patch for SIII should be out, for SII is coming soon.

Nope, according test link, IMEI was retrieved, so Skype does not help here…

Considering i still haven’t got 4.0.4 update for my S2 (still on old 4.0.3) i have very little hope of ever getting the damn update. Jelly Bean is still probably in some other dimension for Samsung as well…

I have no 4.0.4 in Lithuania too. Official answer from Samsung Lithuania was “because critical bug was found”. Maybe they really had in mind this exploit and it is the reason Lithuania has not received update by previous schedule…

I have Jelly Bean 4.1.1 on my Samsung Galaxy Nexus, so the possibility is that it is your service/network provider that is stalling the updates. I’m lucky in that my Samsung Galaxy Nexus is SIM free not tied to any network

That appears to be the problem with android phones, when they are tied to a service/network provider that has customised the Android OS version installed.

No. You have to understand that all Nexus devices get updates as soon as Google releases them. Or with slight delay but they get it. That’s why you got JB so quickly. Normal Samsung phone models take ages for an update if they ever receive one…

Agreed, a bit like supporting old operating systems, I guess this is why the other custom ROM builds is so active/attractive.

But it also depends on the network provider if you haven’t got a SIM free phone as their ROM may block unbranded/network customised updates. Which no doubt some use as a stick to make you upgrade the phone.

http://www.cyanogenmod.com/

CyanogenMod is an aftermarket firmware for a number of cell phones based on the open-source Android operating system. It offers features not found in the official Android based firmwares of vendors of these cell phones.

Sad but true…