back to article JPG hole cuts RAZR open

A bug in Motorola's RAZR firmware could allow a malformed JPG file sent over MMS to overflow the stack, theoretically making it able to execute arbitrary code. The exploit is hypothetical, and would be very hard to abuse, but it's still a serious enough prospect for Motorola to issue a fixed firmware download – even if it's …


  1. Brain


    I wonder how far back this hole goes. I have an old V3 thats still in use for some stuff knocking around the house.

  2. Gis Bun

    Ah typical Motorola

    With the number of RAZRs around, better be fixed soon!

  3. jeremy

    UK Software update link

    V3 listed, v8 not listed...

  4. Pyros
    Oh no!

    I must update my RAZR!

    ...but I can only do that if they actually HAVE a driver for their d*mned phones!

    Just because they stick a Firewire port on it doesn't mean that it shouldn't be used to upload your own custom wallpapers, right? *grumbles*

  5. Anonymous Coward
    Anonymous Coward


    What, exactly, would one DO with a Razr once one pwned it? Send thirty spams an hour? Use it to host underground extreme manga porn?

  6. Ian Emery Silver badge
    "This software requires Internet Explorer 5.5 or higher......."


  7. Rich

    Things to do with a pwned Razr

    Make it charge off standard USB power?

    Disable the outside buttons when the clamshells shut?

    Make it understand that when an MMS has one photo in it there is no "next"?

  8. Anonymous Coward
    Heh, my wife is always upset that my blackberry charger won't charge her razr, but her razr charger will charge my blackberry.

  9. Kanhef

    Attack vector

    Yet another flaw from failing to validate data. Metadata has been targeted before, particularly IDv3 tags in MP3 files.

  10. Anonymous Coward

    Razr rubbish

    Threw mine in the bin after 18 months, the worst phone I ever owned, crap battery life and crashed to a command prompt screen regularly. Never again motorola!

  11. Timbo

    Download site asks for date of purchase !

    How crass can you get?

    To be able to download the software fix, your phone must be "in warranty".

    But if you put in any old date within the last 12 months, it then allows you to download the software....

    Put in an older date and it refuses.....!!

    There doesn't appear to be any other "checks" going on, such as serial number or similar...

    I guess "someone" at Motorola clearly doesn't want you to update the fix and would prefer you to buy a new phone...

    Mine's the one that weighs a ton and looks like a brick.

  12. Ellen Carlsen

    I got what I deserved...

    I bought a V3i when the whole world did.

    I followed the flock like a sheep...

    I thought it looked good - my first phone with a colour screen and I thought I'd listen to MP3. Then I used it. I still like the clamshell design, but otherwise it's a case of style winning over substance.

    Sometimes I suppose you just get what you deserve! ;-)


    when you get a new mobile I guess you have to decide how you want to pay for it. Up front in one lump sum, on credit or 'subsidised' by a contract. I don't know which option is the cheapest!

  13. John Navas
    No update for AT&T Wireless, largest carrier in the USA

    While there is an update for USA T-Mobile, there's no update for AT&T Wireless (Cingular), the largest carrier in the USA, a huge disservice to these users. Both Motorola and AT&T should be ashamed.

  14. Anonymous Coward
    Shoddy service for American victims^H^H^H^H^H^H^Hcustomers

    @John Navas: I'm not at all surprised that the "Number One Provider" doesn't support a fix. Dealing with sub-Third World service is one very large reason I'm glad I don't live in the States anymore. (Sub-Third World politics is another, related issue, but we won't go there now) :-P

    Paris because she's more competent at what she does than the megacorps are at what they say they do...

  15. Brain

    the woes of the v3

    i too got the v3 due to its looks, but it was a useless phone! Massive lag when typing, crashes, battery unusable after only a year, only enough space for one mp3 or VERY short video clip. Rubbish phone.

