TouchWIZ has always been a contentious layer on top of Google’s Android platform, but its existence could expose some of the darker sides of carrier skins. According to an Android hacker Ravi Borgaonkar, Samsung’s TouchWIZ layer is vulnerable to a USSD code execution that can potentially wipe all the data on a user’s phone or lock the SIM card slot. USSD codes are used to execute commands such as registering a phone’s SIM with a cellular network or viewing device diagnostics when troubleshooting.
The phones affected are the Galaxy S Advance, Galaxy Ace, Galaxy Beam Galaxy S II, Galaxy S III, all running Android 2.3 or Android 4.0. Samsung has apparently patched the exploit on Android 4.1 Jelly Bean, which is expected to roll out to the Galaxy S III in October, and older devices by the end of the year.
While this is no cause for immediate panic, it does bring light to the fact that carrier skins such as Samsung’s TouchWIZ can potentially introduce holes in what is otherwise a very secure operating system. Google’s “pure Android” devices such as the Galaxy Nexus are not affected by this vulnerability. The small line of HTML code can be activated via a regular link, SMS, a QR code or NFC tag, but is limited to Samsung’s stock browser; Chrome for Android users are unaffected.
You can see the vulnerability being shown off in a video after the break. It starts around the 9:30 mark.