HTC confirms security hole, patch coming

HTC has confirmed that it is looking into a security loophole found over the weekend that would allow some apps to peek at personal information stored on HTC smartphones.

"HTC takes claims related to the security of our products very seriously. In our on going investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application."

Before you panic and start deleting all your apps, it is worth pointing out that the information is only given out to applications aware of the loophole and once you’ve given that app permission.

"A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability."

"HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly."

Several models are said to be affected, including Evo 3D, Evo 4G, Thunderbolt and potentially the Sensation range - the latest of which, the Sensation XE, is expected to be announced this week.

During this time "we [HTC] strongly urge customers to use caution when downloading, using, installing and updating applications from untrusted sources."

Best play it safe on the app front for the time being then. 

Worried about HTC security issues? Let us know in the comments below ...