Major Exploit in Google’s Android/PC Web Browsers!

IT Security-Researcher MJ Keith of Alert Logic has found an exploit in our beloved Android OS. This involves the use of an attack code “piggy backed” on a loading a web page. Once the attack code is on the host phone it allows “hacker” to run simple command line shell in the Android system.


The security flaw targets WebKit’s brower engine used by Google in their smart phones as well as Google Chrome’s web browser. Reported to only be affecting Android 2.1 and below.

The biggest fear of this current exploit is not the “attack code” itself but rather the “malware” the code may download onto the affected device. Giving the bug the ability to import/export files. Meaning your device is an unlocked door to the “hacker.” On the positive side the “hole” does not give full “root” access to the malicious app.

Unknown if this exploit is being actively used at this time, considering MJ Keith wrote it. He has made the exploit known to Google. Receiving a less than acceptable brush off statement that the exploit was resolved with Android 2.2 and that over  36% of Android smartphones run 2.2 therefore  the exploit is targeting an outdated OS.

For the leader in “Open Sourced” community Google has been very reluctant to publish security holes or patch information. Leaving it’s users in the dark when it comes to the security of their devices. Thus us Android afficianados must rely on Android news sites to become “in the know” Hopefully this will change in the future until it does we will keep you posted.

About author

AndroidGuys
AndroidGuys 4625 posts

Founded on November 5, 2007, we've enjoyed bringing you the latest in Android news and rumors. Updated daily, we strive to deliver reviews, opinions, and updates on all things related to Android.

You might also like

News and Rumors

Verizon Galaxy Nexus shows up in online ads for $199; you still can’t buy one

Talk about a tease! A tantalizing Verizon advertisement has been popping up all over the web showing the much anticipated Galaxy Nexus — and if that wasn’t enough — the

News and Rumors

Nikon intros Android-based 16-megapixel camera

Nikon today announced a 16-megapixel Android-based camera in the form of the recently rumored S800C. Featuring a 10X optical zoom and Wi-Fi support, the camera runs 2.3 Gingerbread under the

News and Rumors

Galaxy S Promo Site Goes Live

Lately I have been feeling like a Pointer Sister from the ’80’s, humming “I’m So Excited” like a fiend as we draw closer and closer to a release date for

3 Comments

  1. JayDubya
    November 12, 18:50 Reply

    Well I guess then Google needs to tell Motorola and the others who are selling brand new models with the “outdated OS”.

  2. Dan
    November 12, 19:33 Reply

    Probably just someone angry at fragmentation and trying to force manufacturers to update to 2.2

  3. Gary
    November 13, 07:12 Reply

    This is why it is irresponsible not to have the browser updatable via the Market.

Leave a Reply