News: MitM Vulnerability in Android Phones
Black Hat 2012 brings news of a functional Man-in-the-Middle (MitM) exploit that uses Android’s ActiveSync support for Exchange to wipe the phone.
Yes, that’s a big ouch.
Here’s a simplified example (it’s just to give a general idea, folks, not meant to be a legit one):
1. I take a router that I’ve configured to impersonate a valid router in the environment.
2. I stick a self-generated SSL certificate on it.
3. I push out an Exchange device wipe command from the fake router to devices that connect to the fake.
4. User cries.
Granted, IRL things are more complicated, but it’s embarrassing that such an attempt with fake certs even works. Pay attention to your connections, watch out for self-signed certs, and bug someone to fix this.
PS: Apple users, don’t gloat, iOS was also stung by this. WP was the only one immune. Double ouch.







