Tom Warren from Winrumors revealed (pretty irresponsibly we feel) that Windows Phone 7 has an SMS bug that would allow specially formatted messages (be it from Facebook, SMS or Windows Live) to reboot devices and then cause the Messaging system to lock up permanently, requiring a hard reset to fix.
This would of course be a pretty good denial of service attack on a user, and given that it can come from a SMS message, it could originate from people completely unknown to you.
Microsoft has now confirmed the bug and promised to work to fix it, with Greg Sullivan, Senior product manager for the Windows Phone division telling the Verge:
“We are aware of the issue and our engineering teams are examining it now. Once we have more details, we will take appropriate action to help ensure customers are protected.”
The last time Microsoft had to send out a security update it was for the browser certificate security vulnerability, which was pushed out several months after the vulnerability was patched on the desktop. Lets hope Microsoft proves more nimble on this occasion.