It seems Samsung’s in quite of a predicament. It was reported that Samsung TouchWiz devices including the Galaxy S II are being reset via an HTML code vulnerability, which when clicked wipes the phone.
The vulnerability was initially thought to only affect the Galaxy S III as tweeted by Pau Olivia:
the USSD code to factory data reset a Galaxy S3 is *2767*3855# can be triggered from browser like this: <frame src=”tel:*2767*3855%23″ />
— Pau Oliva (@pof) September 25, 2012
Although multiple reports suggest that it only brings up the phone’s dialer. The vulnerability instead works on the Galaxy S II which is caused by the TouchWiz launcher which automatically dials the reset code.
According to Tweakers the Galaxy S Advance is also being affected by the problem.
Samsung is reported to be looking into the problem.