Malicious image could open security hole in Razr

Motorola fixes hole in new Razr phones that could open them up to attack.

If you use a Motorola Razr cell phone, don't accept JPEGs from strangers.

A vulnerability has been discovered in the phones that could allow a hacker to send a corrupt JPEG image via Multimedia Messaging Service that could be leveraged to run malicious code on the phone. However, you would have to accept the image for download before that could happen.

The specific flaw exists in the JPEG thumbprint component of the EXIF parser, according to an advisory released by security firm TippingPoint's Zero Day Initiative on Tuesday.

"Although the possibility of this vulnerability occurring is very remote," Motorola has fixed the vulnerability in all new releases of the Razr and urges people with older devices to download the latest software from its Web site, the advisory said.

The vulnerability was reported to Motorola last June.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments