A security flaw in HTC handsets could potentially be spewing users personal information out to unscrupulous app developers, including a user’s location, e-mails, texts and contacts list.
The bug is reportedly a result of the modifications HTC makes to Android through its Sense UI. Phones thought to be vulnerable so far include the upcoming HTC Vigor, the Evo 3D and some Sensation handsets.
“HTC takes our customers’ security very seriously, and we are working to investigate this claim as quickly as possible.” Said HTC in a statement. “We will provide an update as soon as we’re able to determine the accuracy of the claim and what steps, if any, need to be taken.”
HTC have since confirmed that a patch to plug the hole in its phones’ security is inbound, describing the bug as a “vulnerability that could potentially be exploited by a malicious third-party application.” According to HTC, no users have been affected so far by the security hole, but to put minds at ease the update will be sent out over the air in the next few days. In the meantime, it’s encouraging its customers to be extra vigilant when downloading apps from dodgy places.