Major Exploit in Google’s Android/PC Web Browsers!
IT Security-Researcher MJ Keith of Alert Logic has found an exploit in our beloved Android OS. This involves the use of an attack code “piggy backed” on a loading a web page. Once the attack code is on the host phone it allows “hacker” to run simple command line shell in the Android system.
The security flaw targets WebKit’s brower engine used by Google in their smart phones as well as Google Chrome’s web browser. Reported to only be affecting Android 2.1 and below.
The biggest fear of this current exploit is not the “attack code” itself but rather the “malware” the code may download onto the affected device. Giving the bug the ability to import/export files. Meaning your device is an unlocked door to the “hacker.” On the positive side the “hole” does not give full “root” access to the malicious app.
Unknown if this exploit is being actively used at this time, considering MJ Keith wrote it. He has made the exploit known to Google. Receiving a less than acceptable brush off statement that the exploit was resolved with Android 2.2 and that over 36% of Android smartphones run 2.2 therefore the exploit is targeting an outdated OS.
For the leader in “Open Sourced” community Google has been very reluctant to publish security holes or patch information. Leaving it’s users in the dark when it comes to the security of their devices. Thus us Android afficianados must rely on Android news sites to become “in the know” Hopefully this will change in the future until it does we will keep you posted.
You might also like
Consider this more of a courtesy reminder, but T-Mobile is now selling the Samsung Galaxy Tab. The 7-inch Android 2.2 tablet runs $399 with a two-year service agreement, $599 if you chose to buy it outright.
HTC on Monday announced the Desire 816, a mid-range Android that provides much of the HTC One experience in a lower price point. Made from polycarbonate materials, the Desire 816
If you’ve been following AndroidGuys over the last six years you will recognize that our direction has changed with time. Specifically, we no longer focus as much on leaks and rumors