HTC confirms smartphone security flaw, promises patch

After researchers made public a massive security flaw affecting many of its devices, Taiwan-based smartphone maker HTC promised to roll out a patch to fix the vulnerability. HTC confirmed the researchers’ findings that a third-party malware could potentially “exploit" the security hole in its software. “In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers’ data, there is a vulnerability that could potentially be exploited by a malicious third-party application," it said, according to an article on tech site Engadget. But the firm maintained that, so far, it has not learned of any customers being affected in this way. It said it is “working very diligently to quickly release a security update that will resolve the issue on affected devices." “Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly," it said. For the moment, HTC advised its customers to use caution when downloading, using, installing and updating applications from untrusted sources. Earlier, a group of researchers found an apparent glitch that allows any app requesting Internet access to access a user’s account information, GPS location, system logs, and other potentially private data. The researchers said the glitch affected some models of HTC smartphones running Android. — TJD, GMA News