Some of you may have heard the big news, there is a bit of html code that can remotely do a factory reset on your device while browsing around without your consent or way to stop it. the website has to have it setup and has to the stock web browser. since this exploit was released into the public it is unknown on if any sites may "maliciously" add it in. i cant confirm or deny that this device may be subject to this exploit, but its for teh best that you know anyways.
the code can be viewed via a frame on a website, so some jerk posting the html code into a comment isnt gunna make the site screw your phone up. so it has to be setup to run the exploit, but since it is only a few lines im sure a few sites already have ill intentions. Exploit test should show if you are vulnerable
so far it seems its only samsung devices that are affected but many more could be.
Update
Confirmed you guys are exploitable http://i.imgur.com/UFfxj.png
now this means that on a stock rom dialer codes can be tripped by malicious websites
the code can be viewed via a frame on a website, so some jerk posting the html code into a comment isnt gunna make the site screw your phone up. so it has to be setup to run the exploit, but since it is only a few lines im sure a few sites already have ill intentions. Exploit test should show if you are vulnerable
so far it seems its only samsung devices that are affected but many more could be.
Update
Confirmed you guys are exploitable http://i.imgur.com/UFfxj.png
now this means that on a stock rom dialer codes can be tripped by malicious websites
ok lord vincent did some testing and here is basically a rundown:
may not be of any big concern, everyone is ranting about the sgs3 reset code since even the sgs2 has a diff code to reset it it means that the "exploit" may be on many devices but in order to effectively target them you would have to have every dialer code for every phone and i dont see that happening.
a more likley solution is someone who knows of lets say the prevail, builds a new site that gets a lot of google hits like prevailcyanogenmod9.com or something of teh sort and expects prevail owners to pull it up on their device
so while your chances of being hijacked by this are VERY slim. this is all the more reason on why you should be doing regular nandroids and saving to your computer in the event something does happen