>> As El Reg reported on Tuesday, a flaw in Samsung's dialing software causes its phones to execute some tel protocol URIs (universal resource identifiers) without the user even pressing the Dial button. At worst, this allows a remote attacker to send the Unstructured Supplementary Service Data (USSD) code that resets the phone to its factory state, wiping all the data in the process.
URI, that is the bit that you felt needed further explanation?
Also what's with the 'without pressing the dial button', isn't that the usual practice - you enter the code into the dialler and it performs the associated command, I don't recall ever pressing the dial button. The flaw is that it is taking the code from outside of the dialler and processing it as though it had been entered in the dialer - then again with smart phones, you'd have thought there would be a better way to do this than the *#.... codes