Android security flaws have been fixed and should be updated on Android phones. The flaws involve SMS that can disconnect the phone and rogue apps restarting the phone.
The security flaw is in Android 1.5, a.k.a cupcake, most T-Mobile customers in the U.S. should have received their Over-The-Air update to Android "Donut" 1.6 by now. If you haven't contact T-Mobile to get the new version of Android.
For SMS messages: a
specific malformed SMS message can be crafted to trigger a condition that
disconnects the mobile phone from the cellular network.
The second report addresses a number of issues discovered in the Android's
Dalvik API, one of them has been classified by the Android team as a
DoS vulnerability which leads to restarting the system process.
A specific malicious application can be crafted so that if it is downloaded
and executed by the user, it would trigger the vulnerable API function and
restart the system process.
"...The flaws involve SMS that can disconnect the phone and rogue apps restarting the phone..." Also happens in bulk messaging scheme. Glad it has been fixed.