MOBILE Archives

February 2012

MOBILE@LIST.UVM.EDU

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Sam Hooker <[log in to unmask]>
Reply To:
Discussions about Mobile Devices <[log in to unmask]>
Date:
Thu, 2 Feb 2012 11:45:37 -0500
Content-Type:
multipart/signed
Parts/Attachments:
text/plain (826 bytes) , signature.asc (904 bytes)

A flaw which has the potential to expose 802.1X wireless credentials by
way of a malicious app has been discovered in some HTC builds of Android[1].

The campus-wide wireless network "UVM" uses 802.1X for access control,
and many devices are likely to store NetID credentials for use with that
network; those credentials may be at risk of exposure. Users of
Android-enabled HTC devices should visit HTC support[2] for assistance
in obtaining and installing code updates to mitigate the exposure.

If you or your constituents use HTC Android devices, visit the US-CERT
bulletin[1] for a list of those confirmed to be affected.


Cheers,

-sth

[1]http://www.kb.cert.org/vuls/id/763355
[2]http://www.htc.com/www/help

--
Sam Hooker | [log in to unmask]
Systems Architecture and Administration
Enterprise Technology Services
The University of Vermont








ATOM RSS1 RSS2