Vulnerability in Android 2.3 allows access to microSD content

A researcher at North Carolina State University, Xuxian Jiang, discovered a security vulnerability in Android 2.3. This vulnerability allows read / write access to the phone’s microSD card content and access to the list of installed applications. A similar vulnerability was found in earlier versions of Android and Google already made corrections to close this vulnerability. But as it turned out these fixes can be circumvented.

To gain access to an attacker, it is enough that the user follows the link leading to the site with the malicious code. As a result, the attacker gets access to any files stored on the microSD-card, including personal data that can be stored on it.
')
As a temporary solution to this problem, it is recommended not to use a microSD card, or disable JavaScript in the browser, or use a third-party browser.

There is information that Google is already working to fix this problem, but when the update will be released is still unknown.

A source