So HTC dun goofed with its Android devices, allowing full access to all of your information to virtually any app on the Android Market that can access a very simple and open line of code. The issue exists with devices that are running the stock Sense UI software from HTC, so all you rooted and ROMed people out there, you’re in the clear. The devs over at RootzWiki (disclosure: The Noisecast’s Eric Ravenscraft works there) have come up with a solution to plug up this security hole, until HTC gets around to sending out an official patch. Please note that you must root your device in order to apply their fix, so for those who have warranty fears, fears of bricking, or are running a corporate phone that you can’t root because you’ll get in trouble, you must unfortunately wait for the official HTC patch to roll out. Upon rooting your device you should first download and install a Proof of Concept app by TrevE (download here or here) to see if your HTC handset is indeed affected by this bug. SO far the Evo 3D, Evo 4G, and the Thunderbolt are all confirmed to be affected. Hit up the source link for a full and detailed breakdown of the security hole and how to patch it up!
Source: RootzWiki
Pingback: HTC working swiftly to patch up security hole | The Noisecast