A number of mobile phones from Sony Ericsson are vulnerable to remote attack from a “drive-by”
Both the French Security Incident Response Team (FrSIRT) and security form Secunia have reported the Bluetooth vulnerability in the phones, which include the K600i and the ageing T68i.
The Bluetooth feature in the phones fails to properly handle malformed L2CAP (Logical Link Control and Adaptation Layer Protocol) data sent by attackers using the short-range wireless Bluetooth platform.
Such attacks lead to the phones crashing when targeted, although the damage caused would be minimal, according to the security experts.
A user could simply start up their phone again and no data would be lost. There are concerns, however, that Bluetooth is an increasingly dangerous way for remote hackers to steal information from people’s phones.
This threat has already been demonstrated in previous vulnerabilities that have mainly targeted Nokia phones.
Like most threats that take advantage of Bluetooth, Sony Ericsson users can avoid any problems as a result of the latest threat by turning off the Bluetooth “discover” connectivity feature on their phone.