"In an initial test by heise Security, The H's associates in Germany, it was not possible to get the attack to run on a European Samsung Galaxy S3 running Android 4.0.4 when calling a supplied demonstration page. It only opened the Dialer and showed the short code for a brief time. According to other reports, (AndroidNextGerman language link and SmartDroidGerman language link), the hole is already closed with Android 4.1 (Jelly Bean)."
Remote resetting a Samsung phone made easy
--
trey @ gépház