Major Exploit in Google’s Android/PC Web Browsers!

IT Security-Researcher MJ Keith of Alert Logic has found an exploit in our beloved Android OS. This involves the use of an attack code “piggy backed” on a loading a web page. Once the attack code is on the host phone it allows “hacker” to run simple command line shell in the Android system.


The security flaw targets WebKit’s brower engine used by Google in their smart phones as well as Google Chrome’s web browser. Reported to only be affecting Android 2.1 and below.

The biggest fear of this current exploit is not the “attack code” itself but rather the “malware” the code may download onto the affected device. Giving the bug the ability to import/export files. Meaning your device is an unlocked door to the “hacker.” On the positive side the “hole” does not give full “root” access to the malicious app.

Unknown if this exploit is being actively used at this time, considering MJ Keith wrote it. He has made the exploit known to Google. Receiving a less than acceptable brush off statement that the exploit was resolved with Android 2.2 and that over  36% of Android smartphones run 2.2 therefore  the exploit is targeting an outdated OS.

For the leader in “Open Sourced” community Google has been very reluctant to publish security holes or patch information. Leaving it’s users in the dark when it comes to the security of their devices. Thus us Android afficianados must rely on Android news sites to become “in the know” Hopefully this will change in the future until it does we will keep you posted.

About author

AndroidGuys
AndroidGuys 4641 posts

Founded on November 5, 2007, we've enjoyed bringing you the latest in Android news and rumors. Updated daily, we strive to deliver reviews, opinions, and updates on all things related to Android.

You might also like

News and Rumors

T-Mobile Now Offering Samsung Galaxy Tab!

Consider this more of a courtesy reminder, but T-Mobile is now selling the Samsung Galaxy Tab. The 7-inch Android 2.2 tablet runs $399 with a two-year service agreement, $599 if you chose to buy it outright.

News and Rumors

HTC Desire 816 announced with spring release

HTC on Monday announced the Desire 816, a mid-range Android that provides much of the HTC One experience in a lower price point. Made from polycarbonate materials, the Desire 816

Featured

Introducing AndroidGuys Deals

If you’ve been following AndroidGuys over the last six years you will recognize that our direction has changed with time. Specifically, we no longer focus as much on leaks and rumors

3 Comments

  1. JayDubya
    November 12, 18:50 Reply

    Well I guess then Google needs to tell Motorola and the others who are selling brand new models with the “outdated OS”.

  2. Dan
    November 12, 19:33 Reply

    Probably just someone angry at fragmentation and trying to force manufacturers to update to 2.2

  3. Gary
    November 13, 07:12 Reply

    This is why it is irresponsible not to have the browser updatable via the Market.

Leave a Reply