According to Winrumors, you can take out a Windows Phone 7 device (they say various Windows Phone 7s on any carrier) with a single, solitary SMS message with a [redacted at request of Winrumors]. Worse (or better?) yet, it doesn’t have to be a text, it can be a Facebook message or Windows Live chat.
The flaw works simply by sending an SMS to a Windows Phone user. If the SMS contains a particular string of text then Windows Phone 7.5 devices will reboot and the messaging hub will not open despite repeat attempts. We have tested the attack on a range of Windows Phone devices, including HTC’s TITAN and Samsung’s Focus Flash. The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles particular characters. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient.
And you don’t just get a reboot. When your phone comes hobbling back to life, the Messaging hub no longer works. And other parts of the OS are wonky.
If a user has pinned a friend as a live tile on their device and the friend posts a particular string of text on Facebook then the live tile will update and causes the device to lock up.
The fix? Hard reset of the device. Ouch.
In a totally unrelated note, the head of the Windows Phone 7 division was fired today.