Cell phones are increasingly becoming attractive targets of various worms, which cause the leakage of user privacy, extra service charges and depletion of battery power. In this work, we study propagation of cell-phone worms, which exploit Multimedia Messaging Service (MMS) and/or Bluetooth for spreading. We then propose a systematic countermeasure against the worms. At the terminal level, we adopt Graphic Turing test and identity-based signature to block unauthorized messages from leaving compromised phones; at the network level, we propose a push-based automated patching scheme for cleansing compromised phones. Through experiments on phone devices and a wide variety of networks, we show that cellular systems taking advantage of our defense can achieve a low infection rate (e.g., less than 3% within 30 hours) even under severe attacks. Categories and Subject Descriptors C.2.m [Computer-Communication Networks]: Miscellaneous; C.2.0 [General]: Security and Protections General Terms Sec...