A new security bug has been discovered in some of the Android smartphones manufactured by HTC, a global smartphone manufacturer. The bug discovered in these devices allows applications to gain access to confidential WiFi data including the existing network passwords saved on those devices.
Handsets that have been reported to be affected by this bug include the Desire HD, Desire S, Sensation and EVO 3D.
The apps installed on these devices and granted the ACCESS_WIFI_STATE permission can do more than simply check on the status of your WiFi connection. These models return such requests with full WiFi password details. An app with the bug and internet permissions could potentially leave confidential WiFi data easily accessible by hackers.
According to HTC’s support website: “HTC has developed a fix for a small WiFi issue affecting some HTC phones. Most phones have received this fix already through regular updates and upgrades. However, some phones will need to have the fix manually loaded. Please check back next week for more information about this fix and a manual download if you need to update your phone.”
The bug, according to reports, was discovered in September 2011 but was kept under wraps by the company until a fix came underway.