Malicious image could open security hole in Razr

Motorola fixes hole in new Razr phones that could open them up to attack.

If you use a Motorola Razr cell phone, don't accept JPEGs from strangers.

A vulnerability has been discovered in the phones that could allow a hacker to send a corrupt JPEG image via Multimedia Messaging Service that could be leveraged to run malicious code on the phone. However, you would have to accept the image for download before that could happen.

The specific flaw exists in the JPEG thumbprint component of the EXIF parser, according to an advisory released by security firm TippingPoint's Zero Day Initiative on Tuesday.

"Although the possibility of this vulnerability occurring is very remote," Motorola has fixed the vulnerability in all new releases of the Razr and urges people with older devices to download the latest software from its Web site, the advisory said.

The vulnerability was reported to Motorola last June.

About the author

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
The best tech products of 2014
Does this Wi-Fi-enabled doorbell Ring true? (pictures)
Seven tips for securing your Facebook account
The best 3D-printing projects of 2014 (pictures)
15 crazy old phones from a Korean museum (pictures)
10 gloriously geeky highlights from 2014 (pictures)