A quick way to tell if your Samsung phone is at risk, and what to do if it is
There's a lot of confusion as to exactly which Samsung phones are affected by today's big scary USSD vulnerability, which could cause some phones to factory reset themselves upon visiting a malicious web page. Some Galaxy S2 and S3-class phones are susceptible, others less so. In some cases it depends if you're running the latest firmware or not. In others, there's no patched firmware available yet.
Samsung will surely be hard at work rolling out fixes for devices that remain susceptible, but in the meantime we've got a quick, easy to tell if your phone is at risk, without taking the plunge and running the malicious code itself. Find out more after the break.
First off, note that today's glitch only affects Samsung phones. Our testing method may produce different results on other manufacturers' devices, but it's important to remember that it's impossible to use this exploit on a phone that's not running Samsung's TouchWiz software. Also, note that we don't see any secret information from your phone during this test. If in doubt, right-click and check the source code to see exactly what we're doing. It's a pretty simple test.
With that in mind, head to this page on your Samsung phone's stock browser. You'll find it at androidcentral.com/ussd-test
With this page loaded on your phone, simply click the button in the embedded area below to see if your Samsung phone is at risk. The test works by trying to direct you to a benign USSD code, specifically, the one that displays your IMEI (or MEID on CDMA phones) on your screen -- nothing malicious. If you're using a Samsung phone and a window pops up showing your IMEI/MEID number, you're likely vulnerable. If your dialer just loads up showing either nothing, or *#06# in the number read-out, you should be safe.
If the test suggests you're vulnerable, we'd advise you update your firmware to the latest version. If your phone's latest firmware version is still affected, we recommend using a third-party dialer like Dialer One, and setting it as the default dialer until all this has blown over.
Let us know how you get on down in the comments. Safe browsing, everyone!